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ABSTRACT 


This thesis uses systems engineering teehniques to assess the feasibility for the 
United States Army to use IPv 6 seeurely over an IEEE standard 802.15.4 ( 6 E 0 WPAN) 
network in both an operational and a support role. The methods used include assessing 
the limitations and security mechanisms of 6 L 0 WPAN, assessing wireless security 
concerns, small battery capacity and duration, and the remaining potential for use in both 
environments. The same model could apply to other protocols or capabilities given 
operational requirements. Expected operational situations aid in identification of 
requirements. The two operational scenarios examined in this thesis indicate 6 E 0 WPAN 
could provide value and meet technical requirements in a support environment such as a 
combat hospital, but analysis of a tactical situation such as replacing an AN/PRC-154A 
radio for Nett Warrior backhaul indicates its implementation would be problematic. 
Specifically, in the generalized tactical role, 6 E 0 WPAN devices with a standard AAA 
rechargeable battery exhibit a lifetime of 11.7 hours or 15.3 hours with a standard AA 
rechargeable battery and 2.45-inch device length transmitting at -2 dBm. The required 
encryption standards and layered protocol stack headers result in message payload limits, 
the worst-case being 45 bytes of data. Reliable voice communications are not feasible 
over 6 LoWPAN’s limited bandwidth. 
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EXECUTIVE SUMMARY 


This thesis uses systems engineering teehniques to assess the feasibility of the 
United States (U.S.) Army seeurely using IPv 6 over an IEEE standard 802.15.4 
( 6 E 0 WPAN) network. The Internet of Things (loT) offers eonneetivity to previously 
isolated deviees needing to pass only small amounts of information. Current trends to 
maximize transmission speeds and data throughput pay little eoneern to energy. This 
thesis presents a model that assesses 6 E 0 WPAN in both a potential operational role as a 
Blue Eoree Traeker (BET) baekhaul and a potential support role as eonneeting a eombat 
support hospital (CSH) as a smart building. Examination of the two seenarios indieate 
6 L 0 WPAN eould provide value and meet teehnieal requirements in a support 
environment, but analysis of a taetieal situation sueh as replaeing a AN/PRC-154A radio 
for BET baekhaul within the Nett Warrior system indieates its implementation would be 
problematie. Speeifieally, in the taetieal role, 6 E 0 WPAN deviees with one standard AA 
reehargeable NiMH AA battery, a small dipole antenna only 0.45 inehes longer than the 
battery, and proeessing eapability draining power at 5 nJ/bit send team member position 
updates every 10 seeonds at spaeing intervals up to 300 meters apart to the team leader. 
Under this speeifie requirement, eaeh team member deviee lasts over 15.3 hours. The 
limitation of battery deviee size and NS A type I eneryption standards result in messages 
limited to 45 bytes of data. The range limitations of 6 L 0 WPAN and narrow messaging 
eapability get exehanged for extremely low SWAP amounts. 

The thesis initially examines the loT as well as the genesis of the study and 
baekground. The Army user eommunity, as any entity, arguably gravitates toward high 
bandwidth, high-powered deviees to aeeomplish tasks in an inereasingly eomplex 
network environment. In eontrast, the Soldier on the battlefield prefers the lightest weight 
solution meeting the requirements. The loT eoneept embraees network eonneetivity of 
every day, isolated eleetronie objeets for two-way data eommunieations using extremely 
low power with the intent of extending duration. This thesis first analyzes feasibility 
leveraging the benefits of IPv 6 funetionality over a lower size, weight, and power 
(SWAP) solution to still meet eurrent user requirements. 
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This thesis then explores the eapabilities and options available by using 
6 L 0 WPAN. Deerements made at each protocol stack layer translate to headers required 
to achieve user requirements and remaining payload space. Standards for each protocol 
stack layer define required header contents and allow a capability assessment of each 
option. Each selected option determines remaining packet size in octets that defines 
application layer payload minimum and maximum limits. First, the physical layer offers 
topology options and node identification protocols. The data link layer offers security 
alternatives of 6 L 0 WPAN. Each option yields varying message security levels to meet 
U.S. Army requirements. The network layer determines routing protocols in lieu of a full 
40-byte IPv 6 header that would diminish remaining payload space. The transport layer 
determines how the messages move through the network and whether or not two-way 
communications require receipt acknowledgments. Finally, any remaining payload can 
carry data traffic. The most streamlined scenario leaves 87 octets for application layer use 
while even the most robust leaves 45 octets for application layer use. 

Systems engineering approaches develop user requirements for an operational 
BET scenario and a less volatile equipment-tracking scenario in an Army CSH. Elser 
requirements for throughput, frequency of position update, maximization of device 
duration, and minimization of device size define feasibility space of an assessment or 
design space for development. Subsequently, each user requirement gets measured 
against 6 E 0 WPAN capabilities and constraints. Various device sizes and associated 
dipole antenna lengths, throughput constraints, multiple transmission powers, specified 
receiver sensitivity, encryption, and resiliency all translate into measures of success. 

A holistic view of the set of measures determines 6 EoWPAN’s feasibility for secure 
Army use. 

As a result, the Army and other services should investigate use of 6 E 0 WPAN in 
environments with limited energy and low throughput requirements. Specific areas for 
future research and application of the study to similar areas for analysis include defining 
logical interfaces with existing or necessary capability, measuring sufficiency of 
performance from a user perspective, material enhancements to increase SWAP savings, 
and application of this model to additional use cases. 



I. 


INTRODUCTION 


A. BACKGROUND 

The Internet of Things (loT) embraees network eonneetivity of everyday, non¬ 
computer objects for two-way data communications. The loT concept offers potential to 
extend connectivity to devices and mobile nodes at the tactical edge of the battlefield at 
low cost. Size, weight, and power (SWAP) provide strong metrics for measuring 
consumer cost. The individual Soldier positioned at the last tactical mile places a 
premium on minimizing SWAP. Likewise, asset location tools enable leaders to assess 
quickly and reallocate personnel and resources to the right place and time. Internet 
Protocol version 6 (IPv 6 ) over a low-power wireless personal area network (LoWPAN), 
defined by the Institute of Electrical and Electronic Engineers (IEEE) as 802.15.4, is 
often referred to as 6 E 0 WPAN. The IEEE 802.15.4 standard specifies physical layer and 
media access control layer (MAC) for EoWPANs, focusing on low-cost, low-speed, and 
low-power communication. IPv 6 adds the upper layer protocols enabling the network and 
transport protocols. 6 E 0 WPAN commonly encapsulates the combination of IPv 6 over an 
802.15.4 network. Shadowed by ever-increasing bandwidth and range capable devices, 
this often-overlooked protocol offers a relatively small SWAP footprint position location 
capability to the United States Army. 

The leaders of today’s Soldiers risk sensory overload from informational displays 
while simultaneously deciphering friend or foe in an often-asymmetric environment. The 
information presented to the Soldiers may require fusion or processing before becoming 
actionable, or even useful, intelligence. One tool requiring little to no individual 
processing, quickly locating friendly forces on the battlefield, is blue-force tracking 
(BET). While maintaining locational awareness of friendly forces in a dismounted 
operation often occurs through line of sight (EOS) or verbal passing of information 
within a small fire-team or squad sub-section, supporting elements or higher echelons 
may be left only approximating individual Soldier locations. The U.S. Army’s 
dismounted BET system. Nett Warrior, named after WWII Medal of Honor recipient. 

Colonel Robert B. Nett, allows users to see their own location, location of other users, 
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and locations of the enemy on a moving map (Lopez 2010). The Nett Warrior system 
being fielded today currently offers the location of the system users (Dawson 2015). 
Additionally, current initiatives aim to reduee the weight burden, often surpassing 
100 pounds, on Soldiers while maintaining or enhancing current operating eapabilities 
(Friedl and Santee 2011). Using 6 L 0 WPAN is a potential solution to increasing 
awareness of individual Soldier positions while ineurring negligible weight inerease to 
the Soldier’s payload. 

IEEE 802.15.4 networks operate on different frequency ranges depending on 
modulation schemes and loeation. Additionally, some of the frequencies are reserved for 
industrial, scientific, and medical (ISM) uses and authorization for use hinges upon 
aecepting interference from lieensed users and not interfering with those lieensed users. 
(Eederal Communications Commission 2016). Regulatory bodies in China, Japan, Europe 
and the United States set allowed frequency ranges and channel allocations (IEEE 2011). 
Current commereial uses of 802.15.4 physieal networks include interior lighting control, 
audio and video eontrol, thermostat control, interactive toys, smart badges, or multiple 
home monitoring systems. Industry also finds utility in 802.15.4 networks for remote 
sensor and actuator control in monitoring or automation processes (Toscano and Bello 
2012). Even loeation deteetion of eritical equipment by means other than radio-frequency 
identification (REID) is possible, though not ideal, for 802.15.4 networks. These 
networks require augmenting upper layer protocol to perform self-computed range 
detection (Wheeler 2007). 

IPv 6 also aceelerates router processing using an improved option mechanism and 
configures addresses dynamieally, if necessary. Addressing with IPv 6 protoeol inereases 
flexibility by increasing the number of address layers. Specifically, IPv 6 is built to multi¬ 
cast messages (i.e., sending messages to a speeifically tailored audienee), without current 
limitations eurrently seen in IPv4. IPv 6 ’s additional fields even allow users to tailor parts 
of a paeket for special handling (Stallings 2014). IP Security (IPSec) also increases with 
IPv 6 , inherently offering embedded features preventing many, though not all, attaeks 
eommon to wireless sensor networks (WSNs). 
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This thesis studies 6 L 0 WPAN as an available eapability, rather than a tangible 
material solution, to fit eurrently unspecified requirements. Within the defense industry, 
many specific solutions exist in search of requirements to the benefit of the contractor 
that funds such projects with internal research and development (IRAD) dollars. 
6 L 0 WPAN, however, is a concept apart from specific hardware, and this thesis assesses 
the feasibility of further research upon evaluating the security and operability against 
presumed requirements derived through systems engineering techniques. 

B. POTENTIAL BENEFITS 

The loT concept comprises the future of all machines, all appliances, and all 
digital “things” being assigned an IP address. Possessing an IP address allows the 
potential for communication capability with the rest of the World Wide Web. Existing 
routing and security protocols allow tremendous potential for military application. 
Potential uses of assigning IP addresses to “things” include secure two-way 
communications capable of securing sensor-specific information. Two-way traffic allows 
sensors to receive secure keying material (KEYMAT) or even data input should the node 
possess onboard storage capacity. 

EoWPANs offer a less costly, more energy efficient, scalable alterative to mesh 
networking in applications not demanding high-throughput or high-definition video. 
Energy efficiency translates directly to lessened weight on the Soldier and less platform 
or facility waste. Eurthermore, properly allocating communication periodicity extends 
battery life and increases overall system value. Before the Internet Engineering Task 
Eorce (lETE) released standards on 6 E 0 WPAN, an alliance of companies seeing a need 
for a EoWPAN routing protocol formed the Zigbee Alliance that built upon the IEEE 
defined 802.15.4 standard. Today, the Zigbee Alliance standard, specifically designed for 
802.15.4 networks, accomplishes similar functions of IPv 6 though the two standards are 
incompatible. Still other standards have been and can be developed to route traffic over 
the IEEE 802.15.4 standard. IPv 6 offers the most widely known and community- 
supported standard allowing more rapid implementation within a modularized acquisition 
or system integration. 
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C. GOALS AND OBJECTIVES 

This thesis uses systems engineering teehniques to explore the seeurity and 
feasibility of using 6 L 0 WPAN in an operational as well as a support setting. Applieations 
of 6 L 0 WPAN inelude, but are not limited to, those previously mentioned. 

Research questions to help determine the feasibility of 6 L 0 WPAN for Army 
usage include: 

1. How might the Army employ 6 L 0 WPAN? 

a. Why would the Army want 6 L 0 WPAN? 

b. What are the limitations of 6 L 0 WPAN? 

c. Where would 6 L 0 WPAN interface current capabilities? 

2. How secure is 6 L 0 WPAN for operational or support use? 

a. What security options are available to 6 L 0 WPAN? 

b. What security mechanisms are most important to the Army? 

c. How well can 6 L 0 WPAN defend against common attacks? 

3. How well can 6 L 0 WPAN support required operations? What is the 

maximum expected performance in terms of range, duration, and 

throughput? 

4. What would 6 L 0 WPAN cost the Army, in terms of SWAP, to employ 

6 L 0 WPAN? 

5. Is further exploration of 6 L 0 WPAN for Army use worthwhile? 

D. METHODOLOGY 

Methodology for this thesis will use systems engineering techniques to determine 
the feasibility of 6 L 0 WPAN for two generic Army use cases. An exploration of the 
problem space through user perspectives, potential threats, and operational concepts 
culminating in an operational scenario help shape the operational requirements. 

Combined with defined system boundaries and functional analysis, a complete list of 
requirements develops the framework with which to measure feasibility. Lastly, analysis 
of expected system performance against defined requirements determines feasibility. 
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II. 6LOWPAN OVERVIEW 


A. INTERNET PROTOCOL VERSION 6 

Transmitting data over an IEEE 802.15.4 network requires protocol standards 
above the data link layer (DLL). This thesis specifically analyzes use of IPv 6 due to the 
widespread adoption and accepted standards worldwide. IEEE only specifies the 
standards at and below the DLL due to the variety of networking options able to sit atop 
the physical layers. The IETF, initiators of IPv 6 , exists to make the Internet work better 
and to improve Internet-based communications through standardization (Alvestrand 
2004). Other entities, perhaps lesser known or specifically designed for a sub-network, 
specify alternative protocols usable at any level peer-to-peer communications occur. 
Organizations similar to the IETF may also develop routing protocols that sit atop the 
Data Link Layer (DLL) as depicted in Figure 1. 


Physical Exchange Medium 
defined by the IEEE 

Large collections of protocols used by the Internet Activities Board (lAB) define the 
TCP/IP Protocol Suites. Standardized protocol allows peer-to-peer communication. 

Figure 1. TCP/IP Protocol Suite. Source: Stallings (2014). 

The Zigbee Alliance, almost synonymous with 6 L 0 WPAN, claims to provide the 
only open, global wireless standard that provides foundation to the Internet of Things. 
The Zigbee Alliance consists of approximately 450 member companies, purportedly non- 
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profit, specifically developing products complying to an agreed-upon standard 
established prior to the release of the 6 L 0 WPAN working group’s first requests for 
comment (RFC), 4919 and 4944, both released in 2007 (Montenegro et al. 2007; 
Kushalnagar, Montenegro, and Schumacher 2007). The two protocols, 6 L 0 WPAN and 
Zigbee, accomplish practically identical tasks but 6 L 0 WPAN offers versatility of readily 
running on other physical layer mediums. Bridging a gap between non-Zigbee and 
Zigbee compliant devices requires a more complex gateway application than 6 L 0 WPAN 
(Sarto 2016). This thesis does not explore the nuanced advantages or disadvantages 
between Zigbee and 6 L 0 WPAN but uses 6 L 0 WPAN as the study case due to proclivity 
of information and interoperability on mediums beyond IEEE 802.15.4 networks. 

B. PACKET ARCHITECTURE 

IEEE 802.15.4 networks have a single packet maximum transmission unit (MTU) 
constraint of 127 octets, or bytes (Montenegro et al. 2007). Constraints dictate design 
space, thus, the 127-octet limit of a single packet forces fragmentation of messages 
exceeding the single frame payload size (Montenegro et al. 2007). 6 L 0 WPAN networks, 
although capable of multi-frame transmissions, expect one-frame, or packet, 
transmissions that minimize excessive headers required to fragment and reassemble the 
original message (Kushalnagar, Montenegro, and Schumacher 2007). Additionally, 
because IPv 6 requires assembly of packets below the network layer, multiple frame 
packets could prove too much for devices with little memory or processing capacity to 
reassemble (Kushalnagar, Montenegro, and Schumacher 2007). However, depending on 
the selected application of 6 L 0 WPAN, dropped packets may be inconsequential 
assuming most packets arrive at the intended destination. Specific operational 
requirements must dictate the quality of service (QoS) that is technically required. Within 
the TCP/IP Protocol Suite, each protocol layer further restricts the amount of payload 
available to the next higher layer. 

1. Physical Layer 

The 127 bytes in the IEEE 802.15.4 packet includes a 25-byte header in addition 
to the payload. The 25-byte header includes information such as a preamble and delimiter 
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that enable receiving nodes to synchronize with the bit stream, frame control sequence 
number, frame length, source and destination MAC addresses, and others. NXP 
Laboratories demonstrated short addressing in a mesh network by reducing the physical 
layer header to 16 bytes and reducing a network in a star topolgy to only nine bytes as 
shown in Figure 2 (NXP Laboratories 2013). The compression of this field, or any other, 
is not the direct focus of this work but demonstrates parameters allowable for analysis. 


star Topology (9) 

Short AddreisTngTis) )_^ Rwmairong Payload (RP) 

Maximum Frame Overhead (25) 


9-25 Octets 102-118 Octets 


Physical Layer 


127 Octets 




The physical layer header compression options can leave as much as 118 octets for 
remaining payload space. 


Figure 2. Physical Layer Compression Options. 


2. Data Link Layer 

Encryption lies within the upper sub-level of the DLL, the logical link control 
sub-layer (LLC), that sits atop the medium access control (MAC) sub-layer. The 
Advanced Encryption Standard (AES) demonstrates a viable security layer in an 802.15.4 
network and is specified in the RFC 4919 (Kushalnagar, Montenegro, and Schumacher 
2007). The 128-bit advanced encryption standard, AES-128, exists in IPSec by default. A 
common augmentation of AES includes cipher block chaining message authentication 
code (CBC-MAC). Incorporating an additional counter to the CBC-MAC (CCM) ensures 
uniqueness of every MAC. Networks commonly use AES-CCM with various bit block 
sizes ranging from 32 to 256. The keying material, KEYMAT, request for each AES- 
CCM-128 requires 21 octets as specified by RFC 4944 (Montenegro, Kushalnagar, 
Nandakishore, Hui, and Culler 2007). RFCs pertaining to 6L0WPAN do not specify octet 
requirements for 256-bit encryption. AES-CCM creates randomly generated initialization 
vectors, IV, at the sources, unique to each transmission preventing replay attacks 
(Hersent, Boswarthick, and Elloumi 2012; Housley 2005). Encryption, regardless of 
selected size, requires four bytes for frame counting and one byte for key counting. This 
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increases the header by five bytes, or octets (Sastry and Wagner 2004). The RFC 4944 
indicates that dividing the eneryption bit key size by eight and adding five administrative 
bytes, equates to a theoretical header demand of 37 octets for AES-CCM-256 bit key 
eneryption, 29 octets for AES-CCM-192, and 21 octets for AES-CCM-128. Figure 3 
demonstrates the header required for eaeh level of eneryption and the corresponding 
remaining payload and results in answering the researeh question of what seeurity options 
are available to 6 L 0 WPAN. 

The military requires use of AES-CCM-256, a NSA Type I eneryption standard, 
for transmitting traffic up to top secret (National Seeurity Agency 2015). However, the 
National Institute of Standards and Teehnology (NIST) further clarifies AES-CCM-128 
acceptable to transmit sensitive but unclassified government information (Barker and 
Roginsky 2015). A requirement to pass top seeret information leaves only 65 bytes of the 
102 bytes on an 802.15.4 network available for upper layer usage. The most current 
6 E 0 WPAN RFC detailing AES specifies only as high as AES-CCM-128 eneryption. The 
operational security requirements using 6 E 0 WPAN will be discussed later in this chapter 
but the brief exploration of requirements addresses security mechanisms most important 
to the Army. 



The DLL could have increasing bit counts to enhance protection. AES-CCMs-192 and 
256 are not specified by any standard for 6 L 0 WPAN. If implementing AES-CCM-192 or 
256, payload space begins to lessen for higher-level protocols. 

Figure 3. Data Eink Layer Security Options. 
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3. Network Layer 

Above the DLL lies the network layer, speeifically IPv6 in 6LoWPANs. In a 
general sense, IPv6 standardization of packet header size to 40 bytes eases the burden on 
inter-routing processing as compared to IPv4 header sizes that vary between 20 and 
40 bytes, depending on options. Additionally, IPv6 limits the size of a single packet per 
transmission, or MTU, to 1280 octets (Kushalnagar, Montenegro, and Schumacher 2007). 
However, a MTU of 1280 octets assumes no lower layer constraints. The IEEE 802.15.4 
MTU constraint of 127 octets presents a notable problem of not leaving much room for 
payload unless compressed. Therefore, an adaptation layer specific to 6EoWPANs 
manages compression as well as fragmentation and reassembly, if necessary, and resides 
just above the DEE and manages interaction with the IPv6 networking layer. An IPv6 
header used over an 802.15.4 network can compress from 40 octets to as low as two 
octets if link-local (link-local presumes no need of full IP addressing due to remaining 
under a common router), as depicted in Table 1, or twelve octets if the network 
implements hopping (Hui and Thubert 2011). Compression of the IPv6 header eliminates 
unnecessary information for a network under specific assumptions. Eor instance, 
assuming the entire network communicates using IPv6 and if the traffic class and flow 
label fields are zeroed out, then the 32 bits that would be required to present this 
information is reduced to one bit. This is shown in the first three rows of Table 1. The 
same table also shows the payload length derived from the message authentication code 
(MAC) eliminates 16 additional bits. Most significantly, the source and destination 
addresses reduce from 128 bits each to two bits each assuming the network is link-local. 
A message expected to take multiple IP hops requires an additional five bytes. Table 1 
compares the differences in an uncompressed IPv6 header and a fully compressed IPv6 
header set for link-local communications (Ee, Ng, Nordin, and Borhanuddin 2010). 
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Table 1. IPv 6 Header Compression Charaeteristies. Souree; Ee et al. (2010). 


Header 

Field 

IPv 6 

header 

length 

6 L 0 WPAN 
HCl length 

Explanation 

Version 

4 bits 

— 

Assuming communicating with IPv 6 

Traffic 

class 

8 bits 

1 bit 

0 = Not compressed. The field is in full size 

1 = Compressed. The traffic class and flow label 
are both zero. 

Flow label 

20 bits 

Payload 

length 

16 bits 

— 

Can be derived from MAC frame length or 
adaptation layer datagram size ( 6 L 0 WPAN 
fragmentation header). 

Next 

header 

8 bits 

2 bits 

Compressed whenever the packet uses UDP, TCP 
or Internet Control Message Protocol version 6 
(ICMPv 6 ). 

Hop limit 

8 bits 

8 bits 

The only field that never compresses. 

Source 

address 

128 

bits 

2 bits 

If both source and destination IPv 6 addresses are 
in link local, their 64-bit network prefixes are 
compressed into a single bit each with a value of 
one. Another single bit is set to one to indicate 
that 64-bit interface identifier are elided if the 
destination can derive them from the 
corresponding link-layer address in the link-layer 
frame or mesh addressing header when routing in 
a mesh. 

Destination 

address 

128 

bits 

2 bits 

HC2 

encoding 

— 

1 bit 

Another compression scheme follows a HCl 
header. 

Total 

40 

bytes 

2 bytes 

Fully compressed, the HCl encoding reduces the 
IPv 6 header to two bytes. 


The IPv6 header can be significantly reduced under the above assumptions. 


The Network Layer speeifieally direets the datagram, or paeket, to the right plaee 
in time. Figure 4 depicts two methodologies for traffic forwarding in 6 L 0 WPAN. Mesh- 
under forwarding refers to link-local communications, requiring only two total bytes of 
IPv 6 header, and Route-over forwarding refers to communications passing over a router. 
The latter methodology requires 12 bytes of IPv 6 header (Ee et al. 2010; Olsson 2014). 
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Mesh-under (layer two) forwarding 
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Traffic over a 6 L 0 WPAN can capitalize on interoperability with mediums beyond the 
802.15.4 radios by routing via IP addresses, costing 7 bytes of Network layer header, or 
remain within a network by not passing through a router, costing only 2 bytes of network 
layer header. 


Figure 4. Routing Options of 6 L 0 WPAN. Source: Olsson (2014). 


6 L 0 WPAN messages remaining uncompressed require 40 bytes of network layer 
header. This is impractical size necessitates compression for a 6 L 0 WPAN network. 

Figure 5 illustrates the compression options and header lengths required for each traffic¬ 
forwarding option. However, fragmentation provides an option for larger messages but 
increases security risks and likelihood of incomplete message traffic. Additionally, 
fragmenting requires an additional four bytes for the initial fragment and five bytes for 
additional fragments of a message (Ee et al. 2010). The network layer payload and header 
nominally become encapsulated within the DLL’s encryption unless otherwise specified. 
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Mesh-Under 

Route-Over 



R^mairung Psyload ^RP) 


2-12 Octets 


53- 95 Octets 


Link-local communications need only 2 bytes of network layer header; those requiring IP 
hops over routers require a 12-byte header. An uncompressed header requires 40 bytes 
and is, therefore, never used for 6 L 0 WPAN. 


Figure 5. Network Layer Options. 


4. Transport Layer 

The transport layer rides atop the networking layer and controls the handling of 
the datagram message. User datagram protocol (UDP) is a connection-less link between 
source and destination requiring no confirmation of receipt. Conversely, transmission 
control protocol (TCP) is a connection-oriented link that controls and confirms packet 
delivery. A network running TCP experiences heightened traffic demands due to control 
messages transiting the network back-and-forth between source and destination. This 
behavior opens networks, specifically wireless networks, to denial of service attacks due 
to packets requiring extensive exchanges before sending any traffic. Networks running 
UDP, however, behave more like a fire-and-forget method, reducing the transport layer 
header length but never receiving message receipt acknowledgement. Accordingly, 
UDP’s lessened header length requirement makes it the prescribed transport layer 
protocol for 6LoWPANs. Figure 6 depicts the UDP header requirement and the 
remaining payload space. 


UDP (8) RP 


8 Octets 45-87 Octets 

UDP requires less header length but cannot provide receipt confirmation as TCP may. 
TCP requires a 20-byte header and significantly increases utilization sometimes 
associated with line congestion. Therefore, UDP is the prescribed protocol for 
6 L 0 WPAN. 


Figure 6. Transport Layer Options. 


12 





5. 


Application Layer 


Application layer data remains flexible as a user-specific demand requirement. 
This work focuses on the feasible amount of space remaining for user-specific application 
data with best guess estimates of constantly changing application requirements. Simply 
stated, a mesh-under network using a star topology using AES-CCM-128 physical 
security and UDP transport protocol leaves as much as 87 octets per transmission for 
application use. Conversely, a more robust route-over network using a mesh topology, 
AES-CCM-256 physical security and UDP transport protocol leaves only 45 octets per 
transmission for application use. Figure 7 illustrates the full range of viable options. 


127 Octets 




bmtT.r.r.irmn 
rm.MBTCTI.CT.mT.l 


Physical Layer 


9-25 Octets 


102-118 Octets 



21-37 Octets 65-97 Octets 


Data Link Layer/ MAC 


IPv6 Header 



Network Layer 


2-12 Octets 


53-95 Octets 


UDP 



8 Octets 45-87 Octets 


Transport Layer 


Application Layer 

45-87 Octets 

The most streamlined scenario leaves 87 octets for application layer use while even the 
most robust leaves 45 octets for application layer use. Note that all overhead shows as 
headers but may also include any associated trailers. 

Figure 7. Range of Eayered Options and Resultant Remaining Payload (RP). 
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c. 


PHYSICAL PERFORMANCE CHARACTERISTICS 


Networks, specifically wireless networks such as 6 L 0 WPAN, inextricably link 
range, throughput, power, and security. Range depends on the amount of power 
transmitted across the system among many other factors. The power requirements depend 
on the amount of transmissions, amount of processing, length of transmissions, and 
internal loss factors. Throughput, or network utilization, depends on the frequency 
selection, the range of each transmission, the bit error rate (BER) and required header 
length. As stated above, each protocol option of the TCP/IP stack drives the header length 
required for each transmission, driving the payload throughput, and power requirements. 
The following section explains the derivation of 6 LoWPAN’s system limitations. 


I. Range 


IEEE 802.15.4 radios, at the physical layer, largely determine range of 
6 L 0 WPANS, unless multi-hopping. Without multi-hopping, 802.15.4 radios normally 
range only tens of meters due to range decreasing in free space according to Eriis free 
space equation. Equation 2.1 (Rappaport 2002). 


d 


max 


{An)\P,;)NF 


( 2 . 1 ) 


Antenna gain in the transmitting antenna, Gt, and the receiving antenna, Gr, the 
wavelength in meters, /I, the minimum power a receiver antenna must receive, Prx, and 
the system loss factor, NF, all contribute to the maximum allowable separation distance, 
dmax, for successful communications. Additionally, this estimation neglects interfering 
signals or atmospheric attenuation due to the relatively short distances achievable by this 
IEEE standardized radio system. The IEEE 802.15.4 specification provides conditions for 
receiver sensitivity in Table 2. 
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Table 2. Receiver Sensitivity Conditions. Source; IEEE (2011). 


Term 

Definition of term 

Conditions 

Packet Error Rate (PER) 

Average fraction of 
transmitted packets that are 
not correctly received. 

Average measured over random 
physical service data unit (PSDU) 

Receiver sensitivity 

Lowest input power for 
which the PER conditions 
are met. 

1) PSDU length of 20 octets 

2) PER< 1% 

3) Power measured at antenna 
terminals 

4) Interference not present 


The PER and bit error rate (BER) are assumed synonymous for the purposes of this 
analysis. 


IEEE 802.15.4 radios, as defined by IEEE standard, operate in various modulation 
schemes at each allocated frequency. The throughput, measured in bits per second (bps) 
depends on the modulation scheme selected. While there are multiple modulation 
options, the higher end of the throughput, the 2.4 GHz range, requires offset-quadrature 
phase shift keying (0-QPSK) allowing throughput of 250 kbps while lower frequency O- 
QPSK options afford only 100 kbps. Erequency bands around 915 MHz or 868 MHz, 
offer throughputs of only 40 kbps or 20 kbps, respectively, by using binary phase-shift 
keying (BPSK). The same frequency bands may also use 0-QPSK, resulting in 
theoretical throughputs up to 100 kbps. Additionally, lower frequencies using BPSK 
require more stringent channel accuracy and higher receiver sensitivity as shown in 
Table 3. 
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Table 3. Frequency Allocations of Most Common Modulation Schemes 
and Associated Throughput. Adapted from IEEE (2011). 


Frequency 

Range 

(MHz) 

Modula¬ 

tion 

Throughput 

(kbps) 

Channels 

Trans¬ 

mitted 

Power 

Receiver 

Sensitivity 

Authorized 

Region 

779 - 787 

O-QPSK 

MPSK 

250 

250 

7 

-3 dBm< 

-85 dBm 

China 


BPSK 

20 





-92 dBm 


868 -868.6 

ASK 

250 

1 



-3 dBm< 


Europe 


O-QPSK 

too 





-85 dBm 


902-928 

BPSK 

ASK 

40 

250 

10 


-92 dBm 

North 

America 


GFSK 

BPSK 

too 

20 


0-7 

BPSK 

1 dBm< 



950-956 

21 

8-9 

BPSK 

10 dBm < 

-92 dBm 

Japan 





10-21 

GFSK 




2400- 

2483.5 

O-QPSK 

250 

16 

-3 dBm < 

-85 dBm 

Worldwide 


IEEE 802.15.4 radio transmission power capability must exceed -3 dBm but 
frequency allocation requirements may further limit maximum power output (IEEE 
2011). Though the IEEE standard assumes a negligible antenna gain, or a unity value, 
actual radio construction will result in a realized gain. Assuming a dipole antenna 
construction, as an example, derived equations that roughly approximate dipole antenna 
gain to an easily calculable value (Equation 2.2) such that d is the full length of the 
receiving antenna, assumed to be the device diameter for extremely small 802.15.4 radios 
as an assumption and X is the signal wavelength (Harney 2004). This relationship allows 
analysis of differing device sizes. 


f 

Gain(Dipole) - - 


2n 

T 

32 


V 

/ 


( 2 . 2 ) 


Using, for example, 2.45 GHz (wavelength of 122.45mm), and device maximum 
length of one inch, or 25.4 mm, the antenna gain equates to only 0.09 while a device 
maximum length of even two inches increases the factor to 1.44. More effective 
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antennae, such as fractal antennas could boost antenna gain but is not explored in this 
work. 


IEEE 802.15.4 systems commonly advertise transmission ranges of 10-30 meters 
(Gutierrez et al. 2006). As previously seen in Equation 2.1, parameters that increase 
range include higher antenna gain, more transmitted power, lower transmitting 
frequencies, or lower receiving antenna sensitivity. 

Einally, attenuation through structural materials reduces transmitted power at a 
determined rate (Equation 2.3) and commonly relies on empirical results (Jenn and 
Sumagaysay 2004). The relationship is a logarithmic value associated with a ratio of 
power transmitted through the surface, P transmitted, compared to power emitted from the 
source, Pincident- Studlcs indicate approximately 10 dB loss through a 10-inch concrete 
wall (Jenn and Sumagaysay 2004). 


Loss, dB=101ogjo 


f 

V 


transmitted 


incident 


\ 


(2.3) 


2. Throughput 

Erequency, range, topology, and network size determine throughput across a 
6 L 0 WPAN radio link. Erequency allocations derive from country authorization or, if in a 
hostile environment, allocations from internal de-conflictions and threat analysis. Lower 
frequencies often travel longer distances and are generally more persistent while higher 
frequency ranges allow higher throughput but competition with other devices increases. 
Bluetooth technology and microwave ovens also operate in the 2.4 GHz range, though 
Bluetooth is similarly unlicensed, and microwaves operate in a Earaday cage. 
Investigations into interference levels of Bluetooth and microwave ovens find no 
significant influence to 802.15.4 networks at ranges nearing one meter (Sikora and Groza 
2005). 

Range, as described above, establishes a threshold distance at which a desired 
throughput can be achieved, as a function of frequency. Additionally, increasing nodal 
count on a common access point progressively detracts from the maximum throughput 
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amount. Small networks with periodic traffic will likely not notice degradation in 
throughput but as a networks scale larger, latency will occur in a network with decreasing 
access periods. 

IEEE 802.15.4 networks use carrier sense multiple access with collision 
avoidance (CSMA-CA) or ALOHA channel access (IEEE 2011). Whether or not a 
personal area network (PAN) coordinator desires slotted or unslotted CSMA-CA access. 
CSMA-CA essentially requires a node test the target node, or nodes, for a ready to 
receive or not ready to receive status. If the target node, or nodes, appears ready to 
receive, the sending node transmits the message. If the target node, or nodes, does not 
appear ready to receive, the sending node waits a variable amount of time before 
attempting to re-send. The pre-determined CSMA-CA protocol determines the amount of 
time before attempting the retransmission. CSMA-CA options include slotted or non- 
slotted and persistent or non-persistent. Using a slotted CSMA-CA ensures all assigned 
nodes to a network get guaranteed time slots (GTS) in which to request access. Using 
non-persistent CSMA-CA protocol allows scalability since only transmitting members of 
the network compete for time slots. Additionally, the amount of throughput of CSMA- 
CA depends heavily on the expected time of propagation. Nodes separated by greater 
distances decrease the normalized throughput. Nodes separated by approximately 
300 meters experience a throughput reduction by a factor of approximately 0.86 and 
separations of 30 meters experience a throughput reduction by a factor of approximately 
0.96 (Agrawal and Zeng 2014). 

Voice communications require significant amounts of throughput with most 
estimates requiring a minimum of 64 kbps. Additionally, any packet header detracts from 
the amount of payload on which voice communications can travel. If only 45 bytes 
remain out of 127, only 35.4% of the throughput is available for payload traffic in the 
worst case. In the best case, 78 remaining bytes allow for approximately 61% of 
throughput available for payload traffic. In addition, the CSMA-CA protocol requires 
acknowledgements and timers resulting in packets not being sent continuously (Hersent, 
Boswarthick, and Elloumi 2012). Node separation’s heavy influence on slotted non- 
persistent CSMA-CA reduces the realized throughput by the factors discussed in the 
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preceding paragraph. Therefore, at 300 meters, the realized throughput to expect lies 
between 0.30 and 0.53 of the channel throughput. 

A recent expert on the loT estimates that of the 250 kbps bandwidth, only 50 kbps 
(or 20 %) is usable for applications and only if no other devices compete for network 
access (Hersent, Boswarthick, and Elloumi 2012). Applying the above factor of 0.86, 
only 76 to 132 kbps remain for any given node in the network for application use 
assuming only a point-to-point link. This estimate is very close to other estimates of 
50 kbps in light of expected header lengths and CSMA-CA protocols (Hersent, 
Boswarthick, and Elloumi 2012). 

3. Power and Energy 

IEEE 802.15.4 standard writers assumed power for devices would come from 
batteries intended to remain in service long periods of time but also capable of using 
mains, or grid-derived, power (IEEE 2011). Power consumption depends not only on the 
level of power transmitted, but also on the periodicity at which the component transmits, 
processes, and receives data. 6 E 0 WPAN physical operating constraints dictate a floor 
output capability of -3 dBm while only local frequency regulations dictate transmission 
power ceiling levels. ISM bands limit transmission power to a maximum of 1 mW 
(Hersent, Boswarthick, and Elloumi 2012). 

Joules (J) represents the International System of Units (SI) measure of energy. 
Batteries drain at differing rates depending on discharge current, in milliamps (mA), of 
direct current (DC). Voltage multiplied by amperage totals power and multiplying by 
time, in seconds, results in total energy. As an example, a typical 1.5-volt (V) AA 
alkaline battery containing 1700 mAh of current capacity contains 9180 Joules. 
Considering, then, that 6 E 0 WPAN devices emit at the milliwatt level, nor at a constant 
level, the anticipated duration of a network and its associated devices should span long 
periods even with a much smaller initial voltage amount. Additional energy source 
parameters, assuming a device receives power from battery, include capacity, in joules, 
and efficiency. Slower power drain increases efficiency (Pedram and Wu 1999). Given 
the low power draw of 802.15.4 radios, this paper assumes a nominal value of 90%. Eor 
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the purposes of this paper, node size drives battery size and weight limitations. Ideally, 
commonly sized batteries ease logistical burden in usage cases. This thesis explores the 
expected lifetime of an expected node given expected usage parameters. Duracell 
batteries, a very common brand name battery in North America, designs battery metrics 
in accordance with the International Electrotechnical Commission (lEC). The density of 
batteries varies by chemical composition but, for comparison, DuracelTs 1700 mAh 
NiMH rechargeable AA battery weighs 28 grams at a length of two inches and nominally 
discharges at 1.2 volts (Duracell 2016). DuracelTs lOOOmAhNiMH rechargeable AAA 
battery weighs 12.8 grams at a length of one and three-quarters inches and nominally 
discharges at 1.2 volts as well (Duracell 2016). Therefore, a typical AA rechargeable 
battery nominally contains 7344 Joules and a typical AAA rechargeable battery 
nominally contains 4320 Joules. 

The transmission power, as a function of distance, contributes most significantly 
to the power drain on a device. An additional drain, assumed a constant value in this 
work, includes data aggregation, Eda- Eda’s assumed value in this work is 5 nJ/bit in 
keeping with estimates of similar work on microsensors such that Equation 2.4 holds true 
(Heinzelman, Chandrakasan, and Balakrishnan 2002). Multiplying by the message length 
in bits, L, determines the overall Eda as a function of message length. 


EoAiL) = 


5nJ(L) 

bit 


(2.4) 


The same study presented a method of determining energy dissipation per bit of 
data using binary values for distance, near or far, and varying message size (Heinzelman, 
Chandrakasan, and Balakrishnan 2002). The study also used fixed distances assuming 
polynomial free-space loss at a rate of distance squared, (f, within a designated distance 
before assuming a multi-hop transmission (Heinzelman, Chandrakasan, and Balakrishnan 
2002). The study’s multi-hop transmission exhibits a quadratic energy loss at a rate of (f, 
to account for multipath fading (Heinzelman, Chandrakasan, and Balakrishnan 2002). 
Eigure 8 illustrates the exchange of energy as a compilation of Ejx and Eda per bit. 
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Heinzelman’s model depends on range, processing, and packet size, though transmission 
power and processing power hold constant with only binary input to distance (near or 
far). The electronic drain should be confirmed by actual product testing. The referenced 
source provides parameters based on similar testing. 


Figure 8 . Energy Transfer Model. Souree: Heinzelman et al. (2002). 


However, adjusting distanee allows further analysis. Thus, multiplying the 
transmission power by message length in bits, L, and dividing by bit rate, R, in bits per 
seeond, reveals the transmission energy dissipation rate, Ejx, as a funetion of message 
size and range as in Equation 2.5. 


E{L,d) 


PtM 

R 


(2.5) 


Therefore, eombining Equations 2.4 and 2.5, the energy expended to transmit a 
message of size, L, in bits, over a relatively elose distance, d, in free space, a radio 
expends: 

EFs{L,d)^EDA+ET, (2.6) 


4. Topology Options 

6 L 0 WPAN offers network topology options of star or meshed. As explained by 
Figure 2, networks within a single router require less addressing bytes and can operate as 
either star or meshed. Power consumption at the central node, or full function device 
(FFD), surpasses power consumption of any individual node. The 802.15.4 specification 
also refers to outlying nodes as restricted function devices, RFDs (IEEE 2011). Star 
topologies generally drain individual, or RFD, devices at a rate driven only by distance, 
message length and periodicity while the centralized FFD device’s energy consumption 
scales at a rate equal to the number of interconnected RFDs. RFDs in mesh networks 
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generally drain at varying rates driven by proximity to the cluster head, message length 
and periodicity, and number of network nodes. 

D. SECURITY 

1. Obstacles 

Wireless networks such as 6 L 0 WPAN possess vulnerabilities common to any 
wireless network but the inclusion of IPv 6 ’s embedded security algorithm, IPSec, offers 
significant protection. Many obstacles limit security implementations to include limited 
storage, energy restrictions, and MTU (IEEE 2011). Eimited storage onboard a sensor 
limits the ability to process large algorithms or large quantities of even the smallest 
algorithms. Energy restrictions are user-dependent as the size of the nodal power supply 
may be quite small if desired on a PAN though perhaps not as restrictive for a less mobile 
sensor field permanently emplaced. The MTU of 6 E 0 WPAN already limits packet size 
and increased security, as previously discussed, only further restricts remaining usable 
payload space. 

2. Resistance against Common Wireless Network Attacks 

Predicting every type of attack or scenario remains impossible. Measuring 
resiliency against the most common or most dangerous attacks to a wireless network, 
however, may highlight a capability’s strengths and weaknesses or value in further 
investigation for military usage. However, implementation considerations must precede 
any examination of a network’s vulnerability. The lETE provides REC 3756 to present 
three generic implementation models (Nikander, Kempf, andNordmark 2004). Each 
model presents unique challenges to security, the most vulnerable being an ad-hoc 
network. Therefore, this thesis investigates the resiliency of 6 E 0 WPAN against denial of 
service (DoS) attacks, router or routing specific attacks such as sinkhole attacks, and non¬ 
router or non-routing related attacks such as neighbor discovery (ND) attacks from a best 
and worst case trust model. This synopsis aims to generalize the wide array of active and 
passive techniques used against wireless networks. IPSec’s authentication headers, AH, 
in conjunction with AES provides significant security against most malicious attacks. The 
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research question of 6LoWPAN’s resistance to these common attacks is addressed in the 
following sections. 

a. Denial of Service (DoS) 

A DoS attack requires that a malicious node exist within transmission range of a 
threat but does not require co-location of the nodes (Vines 2002). DoS attacks generally 
occur by a malicious source overtaking the attention of a victim node’s receiving antenna 
and distracting its processor to the point of denying it productive participation in its own 
friendly network (Nikander, Kempf, and Nordmark 2004). There is little defense any 
wireless network can provide against physical DoS aside from decreasing the receiving 
antenna’s sensitivity or increasing the transmitting power within a network. By 
decreasing sensitivity, range quickly diminishes without an increase in transmitted power. 
Likewise, increasing power drains power resources more quickly and increases the 
network footprint and vulnerability to other attacks. 

b. Router or Routing Attacks 

Attacks involving routers or routing take many forms. Sinkhole attacks, 
sometimes referred to as redirect attacks, cause a node to unknowingly send traffic to 
what seems to be an ideal path to the intended destination. A malicious last hop router 
exists as generic IPv6 threat in which a malicious router masquerades as a legitimate last 
hop router on a network in which an entering node is attempting to discover one 
(Nikander, Kempf, and Nordmark 2004). Another method involves deleting the actual 
default router from a node or multiple nodes’ routing tables. This attack could follow a 
DoS attack or even after sending minimal router lifetime over a spoofed router 
advertisement (Nikander, Kempf, and Nordmark 2004). Additional router-related threats 
include a good router going bad, spoofed redirect messages, bogus on-link prefix, bogus 
address configuration prefix, and parameter spoofing (Nikander, Kempf, and Nordmark 
2004). Use of statically assigned IP addresses precludes each of these threats (Nikander, 
Kempf, and Nordmark 2004). With use of dynamic host configuration protocol, DHCP, 
mitigating the stated threats becomes necessary. Research continues to investigate 
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methods of mitigating DHCP against such threats (Nikander, Kempf, andNordmark 
2004). 

An additional threat specific to CSMA-CA includes a malicious source sending 
inert packets with a correct preamble equivalent to 802.15.4 protocol. If the malicious 
source broadcasts messages to the access point, or router, at a rate faster than the other 
nodes’ back-off timers (responsible for avoiding collisions), an access point can be 
denied service. 


c. Non-router or Non-routing Attacks 

Attacks taking place beneath the router also come in many forms. Non-router 
attacks such as neighbor solicitation and advertisement attempt to create unwarranted 
relationships between MAC Addresses and IP addresses for the purposes of redirection, 
even underneath the router. Once redirected, a malicious node can redirect, exploit, or 
even destroy packets. 6 L 0 WPAN provides excellent defense against ND attacks. Turning 
off performance optimization, a command telling nodes to populate a neighbor cache 
table, as more links become available, routes all traffic through predetermined routes 
(Nikander, Kempf, and Nordmark 2004). Star topologies better lend themselves to 
disabling performance optimization while disabling the function cripples a major 
advantage of mesh networking. Mesh networks, constantly attempting to optimize traffic 
routing, more aptly fall victim to this form of redirect denial of service attack (Nikander, 
Kempf, andNordmark 2004). 

Similarly, a neighbor unreachability detection (NUD) attack happens when a 
sending node cannot reach the desired destination node after multiple tries. After a 
requisite number of failures, the sending node flushes the desired destination node’s 
address from the standard address resolution protocol (ARP) table and looks for a valid 
one. During a NUD attack, a malicious node sends fabricated unavailable messages to the 
sending node to expedite the dropping of the desired destination node. Preventing the 
actual process of the desired destination node becoming unreachable or how the sending 
node behaves in such a situation provides the best defense against a NUD denial of 
service attack. In a similar manner, preventing hosts from obtaining addresses using 
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stateless address auto-eonfiguration prevents duplicate address detection (DAD) denial of 
service attacks (Nikander, Kempf, andNordmark 2004). Using mesh-under networking 
alleviates any threat from additional router-level ND attacks outlined in RFC 3756 
(Nikander, Kempf, and Nordmark 2004). 

E. GEOLOCATION 

Without going into the methods 6 L 0 WPAN uses to geo-locate other nodes, 
research accomplished on the topic reveals some overarching insights. First, 
implementing a real-time location system (RTFS) requires at least three anchor nodes 
(Martinez and Lastra 2011). Additionally, a RTFS requires nodes contacting an anchor 
node receive immediate acknowledgements, something not associated with UDP as the 
transport layer protocol (Martinez and Fastra 2011). Thus, using 6 F 0 WPAN to geo- 
locate potentially requires using TCP, requiring a significantly longer header length, and 
the network to differentiate each node as an anchor node or not (Martinez and Fastra 
2011 ). 

F. DESIGN PARAMETERS 

Table 4 lists a compilation of the design parameters in which a 6 F 0 WPAN system 
must operate. Exceptions outside of the parameters are possible but require tradeoffs 
from other parameters. The table answers the research question of 6 F 0 WPAN limitations 
by compiling performance parameters. 
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Table 4. Compilation of Design Parameters. Adapted from IEEE (2011). 


Parameter 

Minimum 

Maximum 

Cost -or- Limiting 
Design Faetors 

Eneryption 

AES-CCM-128 

AES-CCM-256 

Pleader Length (bits) 

Resilieney 

Withstand DoS 

None 

Sealability 

Throughput 

20 kbps 

250 kbps 

Energy, Time 

Range 

10 m 

200m LOS 

Battery Life 
Antenna Length (Gain) 

Transmitted Power 

-3 dBm 

1 dBW 

Battery Life 

Reeeiver Sensitivity 

-85 dBm (BPSK) 

-92 dBm (O-QPSK) 

Unlimited 

Unlimited 

Transmitted Power, 
Interferenee 

Battery Size 

Length: None 
Weight: None 

Max length of node 

Less than 60g (2 AA) 

User weight limitations 

Topology 

Peer-to-Peer, Star 

Mesh 

Seeurity, 

Energy Consumption, 
Sealability 

Message Length 
(Remaining Payload 
Spaee) 

50 bytes 

71 bytes 

Seeurity, 

Routing, 

Conneetivity 


26 






III. SYSTEM REQUIREMENTS 


In systems engineering, operational eoneepts or usage seenarios eommonly 
support generated system technieal requirements (Buede 2009). The generated system 
teehnieal requirements must elearly derive from, and easily traee back to, operational 
requirements. Operational concepts allow defining the anticipated environment, 
interoperability with other systems, potential threats, and how the users employ the 
system to more easily highlight specific operational requirements ultimately leading to 
comprehensive system technical requirements (Buede 2009). 

Similarly, Benjamin Blanchard and Wolter Fabrycky (2011) define a generic 
approach for all system acquisitions and follow-on deployments. Regardless of all 
factors, systems engineers execute conceptual design, preliminary design, detail design 
and development, production/construction, operational use and system support, and 
ultimately, retirement during the lifecycle of a system (Blanchard and Fabrycky 2011). 
Operational requirements, a concept of support and maintenance, technical performance 
measures, functional analysis, and allocation of design criteria from the system level to 
sub-systems, lie within the conceptual design phase and serve to establish system 
technical requirements (Blanchard and Fabrycky 2011). 

The Army’s employment of a low-powered, wireless, personal area network in an 
operational or support setting defines the system within the scope of this thesis. The 
assessment of 6LoWPAN’s employment leverages Blanchard and Fabrycky’s approach 
to construct comprehensive usage scenarios to generate clearly derived system technical 
requirements. 

A. BFT SCENARIO 

1. Potential Opportunities 

The inception of networking dismounted troops with real-time data began around 

1989 as a part of the Land Warrior program, the Army’s first attempt at networking 

individual troops on the battlefield (Gourley 2012). Having occasional name changes, by 

June 2010, on the Army’s 235**^ birthday, it renamed Ground Soldier System Increment 1 
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as Nett Warrior, in honor of WWII Medal of Honor winner Robert B. Nett (Gourley 
2012). Requirements of Nett Warrior inelude, but are not limited to, providing eommand- 
and-eontrol solutions down to the team leader level (Gourley 2012). The first prototype 
systems weighed as mueh as 10 pounds without a baekhaul capability, while more recent 
versions weigh as little as three pounds on top of the Soldier Radio Waveform (SRW) on 
the Joint Tactical Radio System (JTRS) backhaul link (Gourley 2012). The JTRS SRW 
link typically occurs over an AN/PRC-154 handheld Rifleman Radio capable of carrying 
unclassified voice and data traffic, lasting at least 12 hours on a 7.2 Ah Li-Ion battery, 
ranging over three kilometers, and weighing approximately 1.7 pounds (Thales Defense 
& Security 2016). The AN/PRC-154A handheld Rifleman Radio, capable of carrying 
secret and below traffic, generally boasts the same specifications but a shorter range of 
just two kilometers and lower battery life of over nine hours due to having only a 5.8 Ah 
Li-Ion rechargeable battery (Thales Defense & Security 2016). For geolocation, the 
Army currently possesses the defense advanced GPS receiver (DAGR). The DAGR 
weighs 454 grams, or just less than one pound, including the provided AA batteries, with 
a continuous lifetime of fourteen hours but does not self-propagate location information 
beyond the display screen (Rockwell Collins 2016). In total, the dismounted capability 
available today provides voice and data at the specifications above at a weight of nearly 
six pounds per user, including the DAGR. The Army’s baseline requirement is for a 
dismounted Soldier to know his own location, the location of friendlies, and the enemy’s 
locations (Leland and Porche 2004). The 6 L 0 WPAN capability may offer comparable 
performance at a lower SWAP, translating to lower Soldier payload. Lower Soldier 
payload well answers the research question of why the Army may desire 6 L 0 WPAN. 

2. Stakeholder Perspective 

A stakeholder’s analysis of BFT provides insight to the most important 
capabilities of an operationally deployed system. The dismounted Soldier on the ground 
receives position location of other users as well as enemy locations entered by any 
situationally aware user. The Soldier benefits from BFT through increased protection 
from fratricide in an increasing complex combined arms fight, but can have an adverse 

effect if not operating properly. In addition. Soldiers and leaders both aspire to lessen 
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payload weight demands on Soldiers. Current initiatives aim to reduce the weight burden 
on Soldiers, often surpassing 100 pounds, while maintaining or enhancing current 
operating capabilities (Friedl and Santee 2011). Therefore, any additional technology 
must be as light as possible while maintaining or exceeding current operational 
effectiveness. For sustained effectiveness, the technology must prove directly beneficial 
to the user and maintainer of the system. A subjective judgment exists about what a 
dismounted leader below the squad leader level needs to receive via a network given all 
typically remain within LOS of each other. 

A typical infantry company contains three maneuver platoons, a platoon leader 
(PL), assisted by a platoon sergeant (PSG) leads each platoon and reports to the company 
commander. A platoon typically contains three squads, each led by a squad leader (SL) 
who reports directly to the PL and PSG. Each squad typically contains two teams, led by 
a team leader (TL) directly reporting to the SL. Lastly, a team typically consists of three 
to nine Soldiers. Figure 9 shows a generic Army Infantry company hierarchy. 



Companies may or may not have combat support and service support elements attached 
in addition to headquarters elements. The figure is meant to demonstrate to the reader the 
amount of assets included in any given company, platoon, squad, or team. A company 
typically contains 2-3 platoons, a platoon typically contains 2-4 squads, a squad typically 
contains 2-3 teams, and a team typically contains 3-9 Soldiers. This thesis assumes 6 
Soldiers plus a team leader comprising one team. 

Figure 9. Hierarchical Structure of a Typical Army Infantry Company’s 

Maneuver Elements. 
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Figure 10 shows two Nett Warrior connectivity implementations linking Soldiers 
to the network at the XL level. Figure 11 shows an alternative architecture that replaces 
the SRW backhaul capability from the SL to XL with a lower SWAP, 6 L 0 WPAN 
capability. 



While linkage options can be tailored to need, Nett Warrior capability does not currently 
reach below the TL level and uses the AN/PRC-154A Handheld Rifleman Radio as a link 
between nodes. The Rifleman Radio can, however, be issued to all Soldiers for voice and 
data transmissions separately from Nett Warrior. 

Figure 10. Xwo Potential Linkage Options Using Nett Warrior’s AN/PRC-154A 
Handheld Rifleman Radio SRW Link between Nodes. 



Potential solution space could exist for 6 L 0 WPAN to meet operational requirements and 
reduce weight burdens. 


Figure 11. Xwo Potential Linkage Options Replacing Nett Warrior’s 
AN/PRC-154A Handheld Rifleman Radio SRW Link 
with 6 L 0 WPAN at XL Level. 
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3. Operational Scenario 

In this operational scenario, the situation includes an infantry platoon conducting 
a presence patrol in a hostile urban setting. The objective is to ensure safety within the 
local market by executing a coordinated dismounted movement through a market area 
just prior to peak business hours. The friendly forces include the dismounted platoon, the 
medical casualty evacuation (MEDEVAC) team, and the local populace. Potential threats 
include elements embedded within the population planning to deny communication 
channels and split the dismounted unit in order to ambush a smaller unit subset. It is 
assumed each TL has a 6 L 0 WPAN device that automatically passes location data among 
platoon nodes and stands prepared to pass additional data messages between platoon 
nodes in a fully meshed topology as shown in Figure 10. This also includes BET 
information subsequently distributed across the larger joint battle command (JBC). The 
time is 1500 hours, local. 

Each Soldier observes his assigned sector of fire, maintaining appropriate spacing 
to prevent a grenade blast from incapacitating more than one platoon member. The PE 
and PSG engage local shop owners and security forces with the help of assigned 
translators. At 1530 hours, the platoon leader, currently within 50 meters of each SL and 
seeing all nodes of his platoon on his display window receives a time-sensitive tip of a 
nearby meeting potentially involving a high-value target (HVT). The PE dispatches an 
audience-specific movement command over Nett Warrior on his display window that 
only his SLs and PSG all receive on their display windows. The PSG and first squad 
maneuver to a better supporting position as the PL maneuvers with second and third 
squads. At this point, the two platoon elements are no longer within LOS. At 1600 hours, 
from a building two blocks away, unexpected sniper fire wounds a member of second 
squad, Bravo team. The TL immediately shouts the suspected direction of the sniper and 
moves to cover before reporting the casualty over the platoon network via voice with an 
estimated distance and direction of the sniper. Immediately, all remaining elements move 
to cover-and-concealment while the Soldiers closest to the casualty attempt to drag him 
to a safe position. The PL attempts to better identify the location of the shooter over the 
platoon network. All networked leaders digitally provide their point of view in attempts 
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to locate the shooter. The suspeeted enemy loeation is entered into the platoon’s BFT 
overlay using standard proeedures for dismounted operations. By 1610 hours, the fire 
team establishes seeurity and a easualty eolleetion point (CCP) around the Soldier and 
earmarks the loeation in the BFT overlay, as the platoon medic treats the casualty. 
Meanwhile, the battalion’s unmanned aerial vehiele (UAV) in overwateh has arrived on 
station to observe the uploaded sniper position transmitted to the higher eehelon’s BFTs. 
The PL’s Nett Warrior allows live UAV feed streaming. Overwateh of the suspeeted 
position aids in loeating the suspeeted sniper. Simultaneously, the medie informs the PSG 
the casualty requires immediate medieal evacuation (MEDEVAC). The PSG direets the 
SE, who in turn direets his TL, to transmit a multieast MEDEVAC request. By 1615 
hours, the PSG’s remaining element is set in overwateh position; the PE’s element 
performs flanking movements until reaehing the bottom floor of the suspeeted building. 
Any lifting or shifting of fires is done using friendly position data on the BET overlay. At 
1630 hours, assuming the building size and layout is within the element’s ability to elear, 
seeond and third squads enter the building with appropriate taeties moving from room to 
room. Within the building. Soldiers methodieally elear and seeure eaeh room. Eor at least 
30 minutes, available team members aseend to the suspeeted sniper position until 
neutralizing the threat. Simultaneously, the PSG’s element is monitoring the building for 
any fleeing personnel out of the building of interest. Upon eonfirming neutralization of 
the threat by 1730 hours, the PE re-establishes internal platoon eommunioations, re¬ 
establishes aceountability while simultaneously observing each team’s loeation on the 
BET overlay. The CCP element, having assisted the MEDEVAC team, rejoins the PSG’s 
element. Subsequently, the PE provides a follow-up report aeross the higher eommand 
network and eoordinates follow-on aetions. 

Erom this single scenario, many key aspeets of the TL links beeome apparent. 
Soldiers may default to voiee eommunioations when speed neoessitates though data 
leaves a longer footprint that populates the master overlay. Two neoessary parameters of 
geolooation are distanoe and direotion from known position data. They oan be determined 
without a map overlay, but this does neoessitate a need for a soreened display showing 
the user’s loeation and distance and direction to other friendly nodes regardless of 
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surroundings. Terrain association, however, allows Soldiers to enter an enemy location to 
the network overlay or any point of interest without a self geo-locating capability. 
Obviously, the system must interface with Nett Warrior or physical map. Assuming a 
patrolling speed of no greater than two meters/second and a location accuracy of plus or 
minus ten meters, automatic position updates even every ten meters equate to an update 
rate of ten seconds. Building clearing operations typically reduce movement speed, 
decreasing the refresh rate requirement. This hypothetical mission lasted less than three 
hours but despite best plans, situations largely affect mission times. A system should not 
require battery recharge or replacement during mission execution, but this should be 
achievable quickly should the need arise. The automated communications between nodes 
must be secure enough to prevent spoofing or denial of service. Range between nodes 
averaged 50 meters, line of sight (LOS), but could extend beyond 200 meters, or even 
face obstructed LOS (OLOS) if within earshot, or relatively close distances, and 
sometimes as close as 20 meters with varying multipath interference during room 
clearing operations. Current doctrine for squad level tactics dictate that every Soldier 
should remain within sight of the team leader and every team leader should maintain 
visual contact with the squad leader. Doctrine trains leaders to control movement through 
use of hand and arm signals (U.S. Army 2007). Physically, cover and concealment pose a 
threat to communication systems requiring line-of-sight (LOS) communications. Team 
leaders typically receive more information than transmit and transmissions may often be 
standardized report formats. Voice commands often transmit over the platoon network 
but typically exchange between the PL or PSG to the SLs. A pre-formatted MEDEVAC 
request reduces time and bandwidth over free-text. However, pre-formatted reports 
require on-board caching and storing demands on each node. Sender and receiver 
identifications inherently populate using unique IP addressing. Command actions given 
digitally could require one byte per character or a preset listing of commands potentially 
using fewer bytes. Pour bytes, for instance, allow for 2"^ or 16 options. Pive bytes allows 
for 32 options versus a five-letter free-text word. Automated location reporting requires 
transmission and receipt of military grid reference system (MGRS) grid location, shift 
from a known point. Timing requires only an hour, minute, and second entry if not time- 
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stamped by the network. The requirement to transmit and receive textual commands still 
exists but could be reduced by use of specifically selected emojis knowing the age-old 
adage that “a picture is worth a thousand words.” A requirement exists to locate and 
adjudicate enemy locations across a network, another potentially pre-formatted report. 
Soldiers and leaders may require node hopping to reach an intended audience 
necessitating additional indirect receiving and transmitting by each node at some rate. In 
this single scenario, no outside entities required entry into the platoon network allowing 
for static addressing. Lastly, Soldiers using network technology expect a way to 
troubleshoot a broken communications link and, therefore, expect a user-friendly 
interface for such purposes without additional tools or parts incurring more weight and 
space. 

Various Army field manuals define reports common to platoon and squad-level 
operations. The operational situation above highlights a medical evacuation 
(MEDEVAC) report, shown in Table 5. A pre-formatted 9-line MEDEVAC request 
requires at least 57 bytes in a wartime setting, and potentially far more in a peacetime 
setting where an expectation of descriptive fields exist. An example of a generic call for 
fire (CEE), shown in Table 6 requires a maximum of 40 bytes for any one transmission 
but could be as low as 33 bytes for any one transmission assuming a preformatted 
message. Preformatted messaging offers lessened cross-traffic being sent but more 
internal storage capacity at each node. This assumption would require additional 
exploration to determine the associated power drain to perform this role at each node. Eor 
any report, the byte requirement for each assumes cached reports exist on all nodes, 
inferring an additional storage capability. 
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Table 5. An Example of a Pre-formatted 9-Line Medieal Evaeuation Request 

and Expeeted Byte Consumption 


Line/Item 

Example 

Total Bytes (max) 

1/Loeation of piekup site by grid 
eoordinates with grid zone letters 

MD 73245 23949 

or 

48S MD 73245 23949 

15 

2/Requesting Unit Radio 
frequeney, eall sign, and suffix 

FM153.843*, Bravo21 

20 (depending on eall sign 
length).** 

3/Patient Preeedenee Code and 
Quantity 

A-l;B-l;C-3;D-2 

8 

4/Speeial Equipment Required 

A 

4 

5/Number of Patients by 
evaeuation type required 

A-6, L-2 

Or 

L8 

4 

6/Seeurity of Piekup Site 
(wartime only) 

N,P, E, or X 

1 (wartime only) 

6b/Number and type of wound, 
injury, or illness (peaeetime only) 

# -1- explanation 

(unspeeified) (peaeetime only) 

7/Method of marking piekup site 

A,B,C,D, or E with optional 
deseription sueh as C, Green for 
green smoke (using a two letter 
eolor eode) 

3 

8/Patient Nationality and Status 

A,B,C,D, or E 

1 

9a/CBRN eontamination 
(Chemieal/BiologieaERadiation/ 
Nuelear) (wartime only) 

N,B, or C 

1 (wartime only) 

9b/Terrain Deseription 

Deseriptive details 

Unspeeified (peaeetime only) 

Peacetime Total (worst case) 


55 -1- unspeeified deseription 
fields 

Peacetime Total (worst case) 
leveraging IP addressing for 
sender identification 


35-1- unspeeified deseription 

Wartime Total (worst case) 


57 

Wartime Total (worst case) 
leveraging IP addressing for 
sender identification 
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Adapted from FM3-21.7, Table 6-1, pages 6-12 through 6-13. *The radio frequeney of the unit 
leadership net may not be the same as the unit network. Note, eaeh eharaeter eonsumes one byte 
of data. **Using IP, address labels are plaeed on every transmitted paeket, alleviating the need 
for line 2. 


The operational situation above also highlights a eonstant exchange of position 
data. Line one of Table 5 highlights that only 15 bytes are required for position data, to 
obtain an accuracy of ten meters. 
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Table 6 . An Example of a Pre-formatted Call for Fire (CFF) Exehange and 
Expeeted Byte Consumption per Transmission. 

Adapted from U.S. Army (1991). 


T ransmission/Item 

Example 

Total Bytes (max) 

la/Observer call sign and fire 
direction center (FDC) call sign 

“Bravo45, this is Bravo2r’ 

16 

Ib/Type of Mission and size of 
element 

Adjust Fire, Fire for Effect, 
Suppress, Immediate 
Suppression/Smoke, followed by 
an optional last letter of call sign 
of desired FDC 

4 * 

Ic/Method of Target Location 

Polar, laser polar plot, shift from 
known point, grid 

3 * 

Id/Potential transmission of 
target location if immediate 
effects are requested or shift from 
a known point 

AA 12345 54321 

Or 

shift from AAl 122 

16 


Total 

40 


Total (leveraging IP addressing 
for sender identification)** 

24 


Total Received Back from FDC 

Less than 40 (or 24 leveraging IP 
addressing) 

2a/Position of Target 

AA 12345 54321 or 

Direction 2300, Left 350, Add 

400 (2300MIL,L350,A400) 

15 


Total** 

15 


Total Received Back from FDC 

Less than 15 

3a/Target Description 

Dismounted Battalion in the open 
(free text) 

Less than 30 


Total** 

Less than 30 


Total Received Back from FDC 

Less than 30 

3b/Requested Munition 

HE,WP,ICM (various weapon 
types) 

3 


Total** 

33 


Total Received Back from FDC 

15-1-2 bytes challenge 

4/Authentication 

I authenticate “alpha” 

2 


Total** 

2 


Total Received Back from FDC 

- 


*Assuming brevity codes become doctrinal. All transmissions to and from the observer 
could feasibly remain under 24 bytes but the initial transmission could drop the location 
data in initial transmission if performed in near concurrent time by pre-programmed BFT 
updates. Thus making the worst case become less than 30 bytes required for any one 
transmission.** Using IP addressing, sender identification and authentication gets 
accomplished each transmission. 


Compiling the operational requirements leads to a list of required functions and 
results in answering the research question of where 6 F 0 WPAN could interface current 
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capabilities. The funetions in Figure 12 enable the TL to join the platoon voice and data 
network. 



The functions cleanly translate into operational requirements from which technical 

requirements can be derived. 

Figure 12. Essential Functions for Networking TLs to the Platoon Network. 

The same approaeh allows analysis of requirements to enhance eurrent 
eapabilities such as integrating the Soldier level below the TL level. The same 
operational scenario allows extraction of Soldier level usage profiles if necessary, leading 
to a near identical functional decomposition. Measuring relative advantage over eurrent 
capability must evaluate the effectiveness of adding both capability and weight to the 
Soldier level. These funetions eaeh possess objectively measurable and teehnical 
thresholds, or requirements. 

B. BFT BACKHAUL TECHNICAL REQUIREMENTS 

The technical requirements of the BFT baekhaul eapability must trace back to the 
aforementioned operational requirements. Table 7 places performanee metries on 
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operational requirements, quiekly deriving system technical requirements for operational 
use at and below the platoon blue force tracking backhaul capability. 


Table 7. Translation of BFT Backhaul Operational Requirements 

to System Technical Requirements. 


Operational 

Requirement 

System Technical Requirement 

Performance Metrics 

A.l 

Interface with Nett 
Warrior 

The system must be IP based 

The system should be compatible with Nett Warrior 
physical connection interfaces with no net power 
exchange 

Network Interfaces 

Hardware Interfaces 

A.2 

Enable Two-Way 
Communications 

The system must operate at a maximum range of 

300 meters 

The system must be capable of over 7.5 hours 
(T)(x3 expected usage time); or 25 hours (O)(xl0 
expected usage time) continuous hours of operation 
Support multi-hop performance or mesh 
networking; support <3 hops 

Meters 

Duration (hours) 

Hop Count (number) 

A.2.1 

Enable Voice 
Exchange 

System must transmit and receive acceptable 
(subjective) voice quality with acceptable error rate 

Throughput (bps). Latency 
(seconds) Message, Packet 
Error Rate (%) 

A.2.2 

Enable Data 
Exchange 

The system must successfully transmit and receive 
position data, 15 bytes maximum (T) from all 
assigned nodes; transmit and receive pre-formatted 
reports, 57 bytes maximum (O) 

Message Length (bytes) 

Data Rate (bps) 

Message Assuredness (% 
packets lost) 

A.3 

Provide 

Geolocation 

The system must automatically maintain device 
geolocation data to an accuracy of ±10 meters at a 
moving speed of 2 m/s 

Distance (meters) 

Latency (seconds) 

A.4 

Enable 

Dismounted 

Soldier 

Transportability 

and 

Maintainability 

The system must be lighter than the AN/PRC-152A 
weighing less than 1.7 pounds (0.77kg) (T), or 50% 
relative advantage, weighing less than 0.85 pounds 
(0.385kg) (O) 

The system must be self-powered (Untethered) (T), 
use standard battery size such as AA or AAA (O) 

The volume must be less than the AN/PRC-152A 

7.6” X 2.5” X 1.6”. 

Repair Time (seconds) 

Weight (kilograms) 

Battery Powered 

Volume (cubic inches) 

A.5 

Protect 

Infomiation and 
Provide Security 

The system must ensure all sensitive data meets 

NS A Encryption standards for wireless traffic 

Encryption Standards 


The transition requires a measure of assumption and generalization but a thorough proeess of 
operational analysis enables extraetion of technieal requirements the system must aceomplish. 
Measurements sueh as the maximum physieal size are inferred by the eurrent size, weight, and 
power of the AN/PRC-154 radio (Souree: Thales Communieations, 

http://www.thalescommine.com/userimages/Doeuments/Data%2QSheets/Thales ANPRC154B R 

ifleman.pdf . 2016). 
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Success of a system replaeing BFT baekhaul at the XL level or enhaneing current 
eapabilities at the XL to connect the Soldier level rests on meeting the speeified system 
teehnieal requirements. 

C. COMBAT SUPPORT SCENARIO 

1. Potential Opportunities 

The Army presently requires an integration meehanism for managing power and 
energy on installations as well as giving Soldiers and leaders a multimedia interface 
through whieh to measure, manage, control, prioritize, and redistribute resourees (Army 
Capabilities Integration Center-Research, Development and Engineering Command- 
Deputy Chief of Staff, G-4, U.S. Army 2010). The white paper’s energy security goals 
show potential solution space for 6 L 0 WPAN by redueing energy eonsumption and 
inereasing effieieney (Army Capabilities Integration Center-Researeh, Development and 
Engineering Command-Deputy Chief of Staff, G-4, U.S. Army 2010). As stated earlier, 
some of the eurrent eommereial uses aehievable by 6 E 0 WPAN inelude eontrol of interior 
lighting, audio and video, thermostat eontrol, or multiple monitoring systems. Industry’s 
use of 6 L 0 WPAN technology includes remote sensor and actuator control in monitoring 
or automation processes (Toscano and Bello 2012). Army base infrastructure requires 
many, if not all, of the same funetionalities. Automatic dimmer switches today eonneet to 
room motion sensors and save on unneeessary lighting expenses. Motion sensors beneath 
water and soap spigots reduee unneeessary waste. Automatie timer-eutoff switehes 
reduee fuel or battery waste. However, motion sensor eontrol possesses problems of 
ineonsistent performanee experieneed by anyone attempting to wash his or her hands 
underneath one. Additionally, timer-based eutoff switehes risk eostly unneeessary startup 
and shutdown proeedures. 

Two-way networking offers separate savings, in time and resourees. Strong 
potential exists in personnel or equipment loeation within a defined spaee, or smart 
building. Thus, further applieations of 6 E 0 WPAN inelude proeessing of frustrated eargo, 
vehiele tracking, hospital patient monitoring, or equipment monitoring. Even sensitive 
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resources such as donated blood within a temperature-controlled storage room require 
near real-time data on location, temperature, and shelf-life. 

2. Stakeholder Perspective 

A stakeholder’s analysis of smart building technology provides insight to the most 
important capabilities of an operational system. Within a defined space such as a military 
hospital, equipment and patient tracking commonly occurs when an employee physically 
locates the equipment or patient through annotating last known location. A nurse keeping 
track of unused monitors of interest or patients in the infectious disease wing desires 
knowing near real-time locations of both. Attending nurses in search of doctors also 
desire knowing near real-time locations of the doctoral staff The hospital staff in search 
of usable blood could record and automatically update inventory in near real-time. The 
hospital patients and staff demand anonymity from outside onlookers and the associated 
equipment must prevent unwanted tampering of information. Security, mobility, and 
timeliness emerge as paramount to the stakeholder. Therefore, any additional technology 
must be untethered, lightweight, capable of reporting location, and offer appropriate 
data throughput. 

3. Combat Support Scenario 

In this operational scenario, the situation includes a combat support hospital 
(CSH) staff responding to a combat related sniper wound being brought in for emergency 
treatment. The objective is to save the life and limb of the Soldier. The friendly forces 
include the hospital staff, the patients, and the visitors. Potential threats include lost time 
due to misplaced equipment or any local national personnel hired to work within the 
building desiring to disrupt operations for any reason. It is assumed each hospital staffer, 
patient, and shared equipment has a 6 L 0 WPAN device, and integrated 802.11 routers 
capable of interfacing 802.15.4 devices cover the hospital footprint. The 6 L 0 WPAN 
devices continually pass location and patient data throughout the field hospital. The field 
hospital occupies a concrete shelter built by local contractors of the host country. The 
time is 1500 hours, local. 
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A MEDEVAC support team notifies the eombat support hospital (CSH) they are 
inbound with a wounded Soldier and his leg is bleeding badly. All staffers dutifully 
execute assigned roles and move to assigned locations. The anesthesiologist is in the 
chow hall while the chief surgeon is resting in his bunk. Those in the emergency wing 
detect the locations of the 802.15.4 devices assigned to the needed personnel. Meanwhile, 
a nurse scans a bag of blood on a networked scanner that immediately gets transmitted 
over the network to update the inventory. The needed doctors are notified by either a 
runner knowing their positions or messaged on personal 6 E 0 WPAN devices interfacing a 
display screen. High-value high-demand equipment is easily located using the master 
overlay. A coordinated effort, accelerated by use of 6 E 0 WPAN, saves the Soldier’s life. 
In the days following the emergency surgery, the Soldier’s vital signs in recovery begin 
to fall. A 6 E 0 WPAN device transmits an alarm tone to specific medical personnel based 
on threshold values dynamically set on a blood pressure monitor wirelessly connected to 
the network. The monitoring nurse immediately checks on the patient while the doctor 
adds the patient next in his queue to check. Information dynamically set by each sensor 
transmits to a database cataloging desired data. All vital and shared medical equipment 
gets tracked real-time with location and battery status. A local national and his device 
enabled cleaning equipment get noticed entering a restricted area cueing military police 
to immediately intervene. 

Prom this single scenario, many key aspects of the smart building data links 
become apparent. Eocation of personnel and assets also require precision inside ten 
meters. Additionally, the capability must geo-Iocate without an additional interface. 
Coupled with a static map overlay, distance and direction to items quickly gets 
determined. Hospital staffers need real-time location data on doctors, such as an 
anesthesiologist. Near real-time (NRT) position updates provide location and pattern of 
movement. Hospital staffers and equipment require a lightweight, non-obtrusive, 
untethered device containing identification consistent with their role. A very large area 
network, with high-power, long-range, and heavy-throughput capability may 
unnecessarily expend energy and resources. Data matching persons and locations in a 
non-hostile environment poses little threat to security but may warrant encryption in a 
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hostile environment. A fixed network node within a building offers opportunity for 
eonnection to fixed power sourees. A wireless network ereates vulnerability to denial of 
service attacks. A low-powered network attenuated by exterior walls emits a lessened 
footprint and reduces the risk of eavesdropping or malicious nodes even sensing a 
network. However, in this case, any nodal transmission should be less than what is 
required to pass through floors or exterior walls. Therefore, static nodes would need to be 
placed appropriately to relay information from any rooms back to a compiling system. 

The lightweight, non-obtrusive, untethered device requirement translates to battery 
operated, less than a few square inches, and weigh no more than cellular phones of today. 
Each floor could contain a single integrated router or each section of a floor could contain 
an integrated router. Topology and routing dictate power requirements at differing levels 
or roles. A compiling system with a BET overlay, presumably viewable at each nurse’s 
workstation, enables multi-viewing and querying. Therefore, an interface must exist to a 
system networking multiple locations and capable of displaying received information to 
all users simultaneously. Any PC, laptop, or even smart phone on the market today 
possesses ample capability to receive IP based packets, glean the information contained 
therein and display on a map or multi-dimensional model executed at the application 
layer of the TCP/IP protocol stack. The system must be maintainable by hospital staff 
with minimal effort. Any device carried by personnel must be highly transportable. A 
device requiring a battery change out or being below a disposable cost-point both offer 
reasonable levels of maintainability. An IP-based system easily allows IP-capable 
devices, such as smart phones, to join the larger network and participate in data exchange 
assuming a security layer exists between the external interface and the nodes. 
Incorporation of smart phones as user interfaces and user input mechanisms presumably 
ensures the highest level of adoption. Therefore, accomplishing indoor geolocation of 
personnel through means of Wi-Ei triangulation is assumed to provide sufficient 
accuracy. Implementation requires that users allow location sharing with the intended 
application on the device. Personnel without a Wi-Ei capable personal device should 
carry a dedicated 6 E 0 WPAN device. Easily, a system node on common equipment 
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should last at least one month, or 30 days, without requiring battery swap out. Nodes 
worn by individuals should last no fewer than 24 hours and ideally as long as 30 days. 

Compiling the operational requirements leads to a list of required functions and 
results in answering the research question of where 6 L 0 WPAN could interface current 
support capabilities. The functions in Figure 13 accomplish maintaining near real-time 
location of all hospital resources and personnel. 



The functions cleanly translate into operational requirements from which technical 
requirements can be derived. 

Figure 13. Essential Functions for Maintaining Near Real-Time Location 

of all Flospital Resources and Personnel. 


D. COMBAT SUPPORT TECHNICAL REQUIREMENTS 

The technical requirements of maintaining near real-time location of all hospital 
resources must trace back to the aforementioned operational requirements. Table 8 places 
performance metrics on operational requirements, quickly deriving system technical 
requirements for operational use as a smart-building equipment and personnel tracking 
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system. Success of a system enhancing NRT locating of hospital resources and personnel 
rests on meeting the specified system technical requirements. 


Table 8. Translation of a Smart Building’s Operational Requirements 

to System Technical Requirements. 


Operational 

Requirement 

System Teehnieal Requirement 

Performanee Metries 

B.l 

Geo-Loeate 
Equipment and 
Personnel 

The system must geo-loeate other nodes at least 20 
meters through obstrueted line-of-sight (OLOS) 
equivalent to a 10-ineh thiek eonerete wall. (Equivalent 
to 200 m LOS) 

Position must update onee every 10 minutes 

Range (meters) 

Frequeney (minutes) 

B.1.1 

Geo-Loeate 

Equipment 

The system must be eapable of geo-loeating equipment 
without use of a separate system eapability to an aeeuraey 
of 5 meters (O) but as low as 10 meters (T). 

Aeeuraey (meters) 

B.l.2 

Interfaee 

Personnel 

Loeation System 

The system must be eapable of aeeepting geoloeation 
from personal smartphones. 

Definition of Interfaee 
(exehange of energy, 
information) 

B.2 

Enable 

Supportability 

and 

Maintainability 

The added system weight must not exeeed 0.45kg (1 
pound) (T); must not exeeed 0.28kg (0.5 pounds)(0). 
Deviees on personnel must last no less than 24 hours 
before battery replaeement 

Deviees on equipment must last no less than 30 days 
before battery replaeement. 

Deviee size must remain smaller than deviee to whieh it 
attaehes 

System Weight 
(pounds) 

Duration (hours, days) 

Size (relative) 

B.3 

Proteet 

Information and 
Provide Seeurity 

The system must not allow uninvited nodes from joining 
network 

The system must prevent eompromising of personally 
identifying information 

Aeeepted seeurity 
praetiees in plaee 


The transition requires a measure of assumption and generalization but a thorough proeess of 
operational analysis enables extraetion of teehnieal requirements the system must aeeomplish. 
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IV. ANALYSIS OF 6LOWPAN FEASIBILITY 


This chapter addresses 6 L 0 WPAN protoeol performanee against derived system 
requirements. In doing so, the chapter answers the researeh question of assessing 
feasibility for Army usage in both an operational setting and support setting. Measures of 
performanee within a eommunication system at each setting defined in previous ehapters 
lead to measures of sueeess, or feasibility. Both seenarios provide an opportunity to 
address the researeh question on SWAP eosts. 

A. OPERATIONAL SETTING 

In a BFT baekhaul role, analyzing suffieieney for operational use, ean begin at 
any point sinee all performanee requirements (deviee size, range, throughput, duration, 
topology, and seeurity) must be assessed against all others. This analysis demonstrates 
only a subset of ealeulations. Assessments in this ehapter initially assume a star topology 
with intent to minimize size and power while meeting throughput and range 
requirements. 

1. Range 

In attempts to keep size and weight as small as possible, the device should 
be no larger than the battery size if possible. The dominant dimension of a standard 
AA battery is 5.05 eentimeters (2 inches) and a standard AAA battery is 4.45 eentimeters 
(1.75 inehes). Antenna gain advantage (Equation 2.2) amplifies the signal on both the 
transmitting and reeeiving ends. Considering input parameters eonsistent with Table 9, 
Friis’ free spaee equation (Equation 2.1) is used to ealculate the EOS transmission range. 
The results of these ealeulations fail to meet the worst-ease operational requirement of 
300 meters using just 0.5 mW of transmission power, as shown in Figure 14. However, 
dipole antenna length affeets the transmission power at a non-linear rate of ehange. The 
analysis assumes equal antenna lengths and assoeiated gains on both the transmitting and 
reeeiving deviees. 


45 



Table 9. Input Parameters to Friis’ Free Spaee Equation 


Input Parameter 

Value 

Dipole Antenna Length (inches) 

1.70 to 2.45 

Transmission Power (dBm) 

-3 

O-QPSK Frequency (MFlz) 

2450 

Receiver Sensitivity (dBm) (O-QPSK) 

-85 

Noise Factor (dB) 

3 


Maximum Range (m) Capability based on a Dipole Antenna Length (in) 



The relationship demonstrates the effeet antenna length has on range. Beyond 300 meters 
range, atmospherie attenuation reduees range at rates not reflected by the relationship. 

Figure 14. Range Capability as a Funetion of Minimum Power and 

Dipole Antenna Length 

An optimized solution meets the required distance with the least amount of power 
but must balance overall device length as an additional constraint from the user. Figure 
15 shows a series of maximum range capabilities based on varying dipole antenna length 
and transmission power. Achieving 300 meters is possible by 0 dBm (1 mW) but requires 
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a dipole antenna length of at least 2.3 inches. However, decreased dipole antenna length 
directly increases transportability to the user. 


Maximum LOS Range (m) Capability based on a Dipole Antenna Length (in) 



Observing the 300-meter requirement, lower transmission strength requires more dipole 
antenna length. At 2 inehes, at least 5 dBm of Transmission power is required. ISM Band 
restrietions limit maximum output to 0 dBm. Therefore, at 0 dBm, at least 2.3 inehes of 
dipole antenna length are required. 

Figure 15. Relationship between Antenna Length, Transmission Power, and Range 


User requirements should define a maximum device dimension but be mindful of 
the direct influence on required energy. Optimizing a minimum size suggests a maximum 
dimension no larger than the required battery size. However, the minimum power able to 
reach beyond 300 meters with only -2 dBm (0.63 mW) is approximately 2.45 inches 
dipole length. 

The resultant range values use an estimated loss factor of 3 dB due to internal 
componentry. Removing this factor essentially increases the range by a multiple of 1.414, 
the square root of two. This thesis does not perform analysis on obstructed LOS, though 
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equations such as the Okamura-Hata model equations exist and can be used to determine 
radio frequency behavior for urban areas given specific input parameters. 

2. Throughput 

Only actual realized data rate determines performance. Detractors from data rate 
include headers, or overhead, at each layer discussed in Chapter II. In the best case, 
headers reduce the 127-byte message to carrying 78 bytes of payload traffic. This factor 
of actual payload versus message length results in 61.5% of the intended 250 kbps 
throughput, equating to approximately 153 kbps. In the worst case, only 35.4% of 250 
kbps transmits payload, equating to approximately 88 kbps actual realized throughput. 
Further still, CSMA-CA protocols reduce throughput as a function of distance, a factor of 
0.86 at 300 meters and 0.96 at 30 meters. Thus, resulting in a maximum realized 
throughput between 76 kbps and 132 kbps at 300 meters, and 85 kbps to 147 kbps at 30 
meters. 

Voice communications could feasibly occur with high compression rates 
performed by compressor-decompressor (codec) devices. However, this thesis does not 
measure the acceptability of voice performance, scalability effects from additional users, 
or additional power consumption a codec may draw. In any case, additional users reduce 
the amount of available throughput and additional processing requires additional power. 

3. Power and Energy 

Energy measurements are calculated based on intended throughput reduced only 
by the CSMA-CA factor since it affects transmission rates. Figure 16 uses Equation 2.5 
to display the energy expended for a device containing a dipole antenna of 2.45 inches in 
length, and transmitting a full-length message of 127 bytes to a range of 300 meters. 
Figure 16 shows the energy expended in Joules for data rates ranging from 250 kbps, the 
theoretical maximum of 2.4 GHz, at 300-meter separation using CSMA-CA protocols, to 
100 kbps, an alternate value specified in the protocol. Figure 16 also shows the energy 
expended based on varying transmission powers ranging from -5 dBm (0.316 mW) to 4 
dBm (2.5 mW). 
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Incorporating Equation 2.4, data aggregation costs further energy at a rate of 5 nJ 
per bit. Thus, full-length messages of 127 bytes cost 5080 nJ per transmission for data 
aggregation alone. Expecting a CSMA-CA throughput performance of 215 kbps at the 
maximum ISM power of ImW (0 dBm), a full-length message expends an estimated 
4064 nJ. Compiling both energy decrements using Equation 2.6, the total energy 
expended as a function of message length, distance, transmission power, and throughput 
is displayed in Eigure 16. 


Total Energy Expended at Varying Data Rates at Min Required Range (300m) 



The data aggregation energy adds to the transmission energy for total energy expended 
based on a 300-meter range. The figure also represents a CSMA-CA factor of 0.86, and 
sending a full message length of 127 bytes plus 5 nJ/bit of aggregation. 


Figure 16. Total Energy Expended per Message for Various Data Rates and 
Transmission Powers using CSMA-CA Protocols at 300 meters 


Thus, assuming a linear battery drain profile to simplify analysis, a fully charged 
AAA rechargeable battery discharging at 1.2 volts contains 1000 mA-hours, 4320 Joules, 
or 4320 Watt-seconds. A fully charged AA battery discharging at 1.2 volts contains 1700 

mAh, or 2040 mW-hours, or 7344 Joules. Another option is to use a disposable AA or 
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AAA battery discharging at 1.5 volts that contains even more energy. This option is a 
simple calculation difference and not investigated in this thesis. Each message, depending 
on the data rate and message length, takes a specific time to send. This transmission time 
is denoted as ttrans- Hence, combining the amount of energy expended per message, Eps, 
ttrans, and applying CSMA-CA protocols at 300 meters, the worst-case device duration 
times can be calculated. The device duration times are shown in Table 10. As a 
walkthrough example, at 250 kbps, the CSMA-CA protocols throttle the actual 
throughput down by a factor of 0.86 at 300 meters to 215 kbps. A 127-byte message 
equates to 1016 bits and dividing the length by rate computes hrans in seconds per 
message. The total Watts expended per message, as calculated in Equation 2.6, vary by 
transmission power, message length, processing power assumption, and bit rate. The 
duration of a device varies by energy source size. Table 10 only highlights the results for 
-2 dBm and 0 dBm for both battery types and various bit rates. 
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Table 10. Device Duration (High-Low limits, -2 dBm and 0 dBm) by Data Rate in Continuous Operation 

using AA or AAA Battery 


Data 

Rate 

(kbps) 

Actual Data 
Rate (kbps) 
using CSMA- 
CA protocols 
at 300 m 

Actual 

Throughput 

(kbps), 

variable header 
plus CSMA- 
CA at 300 m 

Cans 

(s/msg) 

L/R 

Total 

Watts 

expended 

per 

message 

(-2dBm) 

Total Watts 
Expended 
per 

message 
(0 dBm) 

AAA Duration 

AA Duration 

-2 dBm 
(hours) 

OdBm 

(hours) 

-2 dBm 
(hours) 

OdBm 

(hours) 

100 

86 

30 to 53 

0.0102 

1.3E-05 

1.7E-05 

0.56 

0.48 

0.73 

0.63 

115 

98.9 

35 to 61 

0.0088 

1.2E-05 

1.5E-05 

0.58 

0.51 

0.76 

0.66 

130 

111.8 

39 to 69 

0.0078 

l.lE-05 

1.4E-05 

0.60 

0.53 

0.79 

0.69 

145 

124.7 

44 to 77 

0.0070 

l.OE-05 

1.3E-05 

0.62 

0.55 

0.81 

0.71 

160 

137.6 

48 to 85 

0.0064 

9.7E-06 

1.2E-05 

0.64 

0.56 

0.83 

0.73 

175 

150.5 

53 to 93 

0.0058 

9.3E-06 

1.2E-05 

0.65 

0.58 

0.85 

0.75 

190 

163.4 

58 to 101 

0.0053 

9.0E-06 

l.lE-05 

0.66 

0.59 

0.86 

0.77 

205 

176.3 

62 to 109 

0.0050 

8.7E-06 

l.lE-05 

0.67 

0.60 

0.88 

0.79 

220 

189.2 

67 to 117 

0.0046 

8.5E-06 

l.OE-05 

0.68 

0.61 

0.89 

0.80 

235 

202.1 

71 to 125 

0.0043 

8.3E-06 

l.OE-05 

0.69 

0.62 

0.90 

0.81 

250 

215 

76 to 132 

0.0041 

8.1E-06 

9.8E-06 

0.70 

0.63 

0.91 

0.83 


This table depicts expected device duration of various data rates transmitting full-length messages for a six-member fire team. It also assumes 5 
nJ/bit for processing. 
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Assuming constant transmission and data aggregation at an actual rate of 215 
kbps based on 250 kbps transmitted for a star topology, and -2 dBm (0.63 mW) output 
power, a 6 L 0 WPAN device using an AA battery would last no less than 0.91 hours, or 55 
minutes. Similarly, using an AAA power source with identical inputs allows continuous 
operations for no less than 0.70 hours, or 42 minutes. A sensitivity analysis on data 
aggregation energy shows that doubling the required power to lOnJ/message reduces the 
expected lifetime of the same parameters of an AA powered device to last approximately 
43 minutes, and AAA powered devices to last approximately 33 minutes. 

Constant transmissions, however, may not be necessary per the requirement that 
data position updates occur only once every 10 seconds. This requirement updates the 
message per hour rate to 360 messages per hour, far less than 762,000 messages per hour 
used for continuous transmissions. Therefore, the anticipated device duration at 300 
meters, transmitting at -2 dBm once every 10 seconds, and using CSMA-CA protocols 
lasts 26.5 hours (AA Battery) or 20.3 hours (AAA Battery). 

4. Topology 

The data presented thus far describe a star network performance. However, mesh 
topologies can be supported for a team size element must take three or fewer hops to 
support requirements A.2 and A.3. Considering each retransmitted message requires the 
same amount of energy as an original message, a team member acting as a cluster head 
should expect to pass traffic from additional nodes at a rate equal to the overall team size, 
n, plus his or her own every ten seconds, as shown in Figure 17. Similarly, nodes closest 
to a cluster node should nominally expect to pass traffic from additional nodes, at a rate 
half the size of the team, n/2 times as often also shown in Figure 17. Obviously, nodes 
serving in a cluster head role require additional energy sources. 


52 




The number of messages a meshed deviee should expeet to pass depends on the team or 
squad position. The closest in, or orange, team member (surrounded by the dotted line 
box), setup by this specific routing configuration should expect to pass 3 messages 
(shown in blue, orange, and green to highlight separate messages) every 10 seconds. 

Figure 17. The Number of Messages Any Device Should Expect to Pass 

Therefore, a node operating as a team member node should nominally expect to 
pass three times the amount of messages every 10 seconds in a six member team. 
Additionally, scaling to a mesh network practically precludes voice traffic already on the 
minimum edge of acceptability in a point-to-point configuration. Table 11 displays the 
resultant duration expectancies for a team member device in a data-only transmission 
environment. 
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Table 11. Team Member Deviee Duration (High-Low limits, -2 dBm and 0 dBm) by Data Rate given 

Expeeted Traffie Demand UsingAA or AAA Battery 


Data 

Rate 

(kbps) 

Actual 

Data 

Rate 

(kbps) 

using 

CSMA- 

CA 

protocols 
at 300 m 

Actual 
Throughput 
(kbps), 
variable 
header plus 
CSMA-CA 
at 300 m 

Itrans 

(s/msg) 

L/R 

Total 

Watts 

expended 

per 

message 
(-2 dBm) 

Total 

Watts 

Expended 

per 

message 
(0 dBm) 

AAA 

AA 

Duration 
at -2 
dBm 
(hours) 

Duration 
at 0 
dBm 
(hours) 

Duration 
at -2 
dBm 
(hours) 

Duration 
at 0 
dBm 
(hours) 

100 

86 

30 to 53 

0.0102 

l.OE-05 

1.7E-05 

9.42 

8.11 

12.28 

10.57 

115 

98.9 

35 to 61 

0.0088 

9.5E-06 

1.5E-05 

9.80 

8.51 

12.78 

11.09 

130 

111.8 

39 to 69 

0.0078 

9.0E-06 

1.4E-05 

10.14 

8.86 

13.22 

11.55 

145 

124.7 

44 to 77 

0.0070 

8.6E-06 

1.3E-05 

10.43 

9.17 

13.59 

11.95 

160 

137.6 

48 to 85 

0.0064 

8.3E-06 

1.2E-05 

10.68 

9.44 

13.93 

12.31 

175 

150.5 

53 to 93 

0.0058 

8.0E-06 

1.2E-05 

10.91 

9.69 

14.22 

12.64 

190 

163.4 

58 to 101 

0.0053 

7.8E-06 

l.lE-05 

11.11 

9.92 

14.48 

12.93 

205 

176.3 

62 to 109 

0.0050 

7.6E-06 

l.lE-05 

11.29 

10.12 

14.72 

13.20 

220 

189.2 

67 to 117 

0.0046 

7.4E-06 

l.OE-05 

11.45 

10.31 

14.94 

13.44 

235 

202.1 

71 to 125 

0.0043 

7.2E-06 

l.OE-05 

11.60 

10.48 

15.13 

13.67 

250 

215 

76 to 132 

0.0041 

7.1E-06 

9.8E-06 

11.74 

10.64 

15.31 

13.88 


This table depicts expected device duration of various data rates transmitting full-length messages for a six-member fire team with each team 
member only sending traffic once every 10 seconds. It also assumes 5 nJ/bit for processing. 
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In a mesh topology, if each device attempts transmission only once every 10 
seconds and assuming 85 kbps realized throughput based on 250 kbps transmitted, and -2 
dBm (0.63 mW) output power, a 6 L 0 WPAN device using an AA battery would last no 
less than 15.3 hours. Similarly, using an AAA power source with identical inputs allows 
operations for no less than 11.7 hours. Further, if only position data (15 bytes) gets 
transmitted, an AA battery lasts over 17.5 hours and an AAA battery lasts over 13.4 
hours. 

The addition of a second battery simply doubles the lifetime, but adds associated 
weight. Though frequency and spectrum management may limit transmission power, 
antenna length for additional gain most directly maintains range at lesser transmission 
power. 


5. Security 

The NIST allows sending SBU information over an AES-CCM-128 network. All 
estimates of throughput, energy, and duration anticipate a byte requirement consistent 
with AES-CCM-256. Authorizing traffic at the appropriate level to transmit SBU saves 
18 bytes per message, or 144 bits per message. The savings of 18 bytes can be realized by 
increased payload space, resulting in increased throughput. Therefore, the shorter 
messages directly reduce energy consumption and increase device longevity. 

A star topology may fit current Infantry tactics, techniques, and procedures 
(TTPs) of being within EOS of the Team Eeader. Making the team leader (TL) a cluster 
head, the network devices search only for one target. Because the network is mobile and 
low power, the likelihood is lessened that an adversary could capture any payload data, or 
even affect the header data (that is unencrypted), thus negating the need for any further 
security in this area. 

Overall, network architecture limited only by IPv 6 , determines routing and hop 
count conditions. A route-over or mesh-under configuration determines necessary levels 
of security. The assumptions made in this analysis used worst-case values to ensure 
appropriate consideration of feasibility. 
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The military’s DOD Information Assurance Certification and Accreditation 
Process (DIACAP) must assess the network architecture. This thesis assumes firewall 
functionality exists at the interface between 6 L 0 WPAN devices and the larger network to 
allow less than AES-CCM-256 encryption. 

6. Geolocation 

Geolocation in a mobile ad-hoc network (MANET) requires data rates outside of 
the capability of this protocol. In a best-case scenario, attempting to triangulate location 
requires at least three additional stationary nodes. The nodes required to be stationary 
must self-report as stationary. This functionality requires additional programming to the 
processor, also requiring additional energy drain outside the scope of this thesis. This 
thesis assumes an interface to an external GPS device such as the DAGR, weighing one 
pound with battery. 

B. SUPPORT SETTING 

Applying the same process for analyzing sufficiency to a support setting 
demonstrates the robustness of the model. The same model process measures feasibility 
of 6 E 0 WPAN for secure Army use in a general support setting. 

1. Range 

Much closer range requirements exist within a combat support hospital. Often thin 
tent walls do little to attenuate signals at such close distances but employment within an 
occupied concrete structure could significantly alter the expected range of performance 
and act as a worst-case figure. Internal building attenuation of a 10-inch concrete wall, 
not uncommon in desert-area construction, of 10 dB nominally equates to a range 
reduction of one-tenth. Therefore, a requirement of 20 meters OEOS equates to ranging 
200 meters EOS. Referring back to Eigure 15, a 2.1 inch dipole antenna ranges 200 
meters EOS at 0 dBm (1 mW) and a 2.2 inch dipole antenna ranges 200 meters EOS at -2 
dBm (0.63 mW). 
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2. Throughput 

Throughput remains consistent between both models employing CSMA-CA and 
header options. Reduction in message sizes, fewer nodes, and closer ranges increase 
throughput. 


3. Power and Energy 

Power and energy calculation methods remain consistent between both models 
but the requirement for the number of messages per unit time differs. Requirements for 
equipment updates within a facility differ depending on the relative importance of the 
piece. Assuming a position update frequency every 10 minutes, a lower range 
requirement, and potential for shorter message lengths, the battery life extends well 
beyond the BFT use. Table 12 shows an abbreviated version of expected device duration 
at varying data rates, 5 nJ/bit of data aggregation, suggested upper and lower 
transmission powers for each battery type, star topology, position only message lengths, 
and frequencies. 
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Table 12. Item Tracker Device Duration (High-Low Transmission Powers, dBm) by Data Rate given 

Expected Traffic Demand using AA or AAA Battery 


Data 

Rate 

(kbps) 

Actual 

Data 

Rate 

(kbps) 

using 

CSMA- 

CA 

protocols 
at 200 m 

Actual 
Throughput 
(kbps), 
variable 
header plus 
CSMA-CA 
at 200 m 

brans 

(s/msg) 

L/R 

Total 

Watts 

expended 

per 

message 
(-2 dBm) 

Total 

Watts 

Expended 

per 

message 
(0 dBm) 

AAA 

AA 

Duration 
at -2 
dBm 
(hours) 

Duration 
at 0 
dBm 
(hours) 

Duration 
at -2 
dBm 
(hours) 

Duration 
at 0 
dBm 
(hours) 

100 

92 

30 to 53 

0.0078 

9.6E-06 

1.3E-05 

169 

147 

233 

206 

175 

161 

52 to 93 

0.0044 

7.1E-06 

9.0E-06 

192 

173 

262 

239 

250 

230 

76 to 132 

0.0031 

6.2E-06 

7.5E-06 

205 

188 

277 

257 


This table depicts expected device duration of various data rates transmitting position-length only messages. Position messages only require 15 
bytes of payload data as opposed to the 45-87 available bytes of full-length messages. The CSMA-CA rate estimated logarithmically between 
0.86 (300m) and 0.96 (30m) to be 0.92 (200m) 
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Further observation of Table 12 reveals the duration of deviees meet a 
requirement to last beyond seven days (168 hours) at -2 dBm. Coupled with a battery 
charger, assuming ideal battery performance, a long-term expectation of devices lasting 
at least one week is reasonable. Batteries could alternate weeks of use and re-charging in- 
between. To range 200 meters at -2 dBm, the device length must be at least 2.2 inches. 

4. Topology 

The scenario assumes a star topology requiring integrated access points capable of 
translating 802.15.4 protocol into 802.1 lx backhaul. Otherwise, a meshed network 
increases power demand on nodes closest to the access points as discussed in the prior 
topology analysis. 

5. Security 

Comprehensive security analysis depends on network configuration. As discussed 
earlier, the ability of nodes to enter and exit the network affects available levels of 
security. The requirement specifies a closed architecture, equating to a sub-router 
topology. Should a requirement arise to begin accepting out-of-network nodes, dedicated 
access points with firewall capabilities must filter traffic and process the nodes in a 
segregated manner until a network administrator adds the verified MAC address to an 
allowed address list. 

6. Geolocation 

Geolocation requires at least three stationary nodes that sense and report from a 
stationary standpoint. Feasibly, 802.1 lx access points or integrated routers could 
triangulate on a fourth node. However, if any node attempting to geo-locate is moving, 
measurement accuracy suffers. Lastly, processing time and power effects due to 
Geolocation place higher demands on the system. 
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V. SUMMARY AND CONCLUSIONS 


This chapter summarizes the steps used to evaluate 6 L 0 WPAN against presumed 
user requirements and demonstrates how the same model can assess similar eapabilities, 
or protoeols, against similar requirements. Metries used inelude throughput (bits per 
second), transmission power, reeeiver sensitivity power, antenna gain effects, internal 
noise faetor, as well as size and weight. Assoeiated monetary costs remain for follow on 
researeh. Finally, the model proeess used should prove applieable to similar 
communication-based requirements. 

A. CONCLUSIONS 

Desirability of 6 L 0 WPAN comes from the just-enough power draw to accomplish 
a necessary mission resulting in signifieant savings on power and energy costs. 
6 L 0 WPAN also allows for interconnecting “things” at very little additional weight. 
Limitations of 6 L 0 WPAN primarily include low throughput and short range. This thesis 
placed 6 L 0 WPAN at the individual Soldier and possibly team or squad leader level in an 
operational setting leaving heavier backhaul capability to larger and more robust 
communications protocols. In an operational setting that often operates in a more static 
nature, 6 L 0 WPAN intereonnects “things” to any router aceess point. 6 LoWPAN’s 
security readily accepts AES-CCM-128 eneryption, strong enough for the NIST to 
authorize transportation of SBU information. Seeurity options available to 6 L 0 WPAN 
inelude AES-CCM-128 encryption and though the speeification does not discuss AES- 
CCM-256 encryption, it may be possible but requires additional testing. Security 
mechanisms most important to the Army depend on speeific requirements. In the two 
assoeiated scenarios, network topology affects energy and throughput values but does not 
affect attack resistance strength. Routing protocols and whether or not devices are 
dynamically or statically assigned affect resistance strength to the most eommon threats. 
Pre-assigned deviee, or node, addresses prevent most attaeks involving malieious nodes. 
Operational employment of 6 E 0 WPAN easily supports position and other small message 
size transmissions at sufficient ranges below the squad level. Eunctionality including 


61 



touch screen capabilities requires interfaeing an external eapability with additional 
proeessing and power. Employment of 6 L 0 WPAN in a support setting shows strong 
potential for interconnecting any “thing” worthy of joining the larger network. 
Maximizing performance requires tradeoffs between range, device duration, and 
overhead. Throughput, seeurity, routing options, and protoeols all affeet overhead 
amounts, or header length. Using 6 L 0 WPAN devices to aecomplish eurrent functionality 
saves size and weight but saerifiees robustness of larger mission sets in different settings. 
Comparison against requirements established by the user eommunity must ultimately 
determine suffieiency and feasibility of 6 L 0 WPAN and whether or not the capability is 
worth acquiring. The notably small size, weight, and power of 6 L 0 WPAN address the 
research question of whether or not 6 L 0 WPAN and its usage against similar 
communieation-based requirements merit additional exploration for the Army, and other 
services. This thesis demonstrates a method of evaluating feasibility of performanee and 
security for use. 

B. AREAS FOR FUTURE RESEARCH 

This thesis covers a large amount of surfaee level assessment using various 
assumptions. Areas for future researeh include opportunities to refine the findings with 
empirieal data or refined effeets estimates. Additional areas of future research include 
applieation of the model to other eommunications-based requirements. 

The first area of future researeh involves a deeper look at power drain given 
expected parameters facing 6 L 0 WPAN operation. OLOS signal attenuation effects from 
various construction materials in the 802.15.4 range of operation eould potentially couple 
with meshed networking to reboost signal strength but aetual performance should be 
researehed further. Urban and suburban multipath effects could be eaptured by Okamura- 
Hata empirical equations in anticipated usage environments to better estimate actual 
performance without empirieal data from specific environments. Similarly, resilieney 
against additional threats may require increased security. However, increased seeurity 
inevitably decreases available payload space for throughput or possibly more power 
eonsumption. 
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A second large area of future research includes detailed investigation of 
6 L 0 WPAN interfaces with existing or necessary capability. In this thesis, 6 L 0 WPAN 
interfaces integrated access point routers. Any translation between protocols likely causes 
some amount of throughput and possibly latency degradation. A detailed study of the 
effects provides better fidelity to expected performance. Additionally, 6 L 0 WPAN 
interfaces Nett Warrior. Nett Warrior offers capabilities far beyond 6 L 0 WPAN alone. 
6 L 0 WPAN accomplishes what the SRW of the AN/PRC-152 accomplishes. The SRW 
SWAP characteristics of the handheld radio cannot be directly compared to 6 L 0 WPAN, 
thus the additional capabilities of the AN/PRC-152, an already procured solution, could 
be compared. Other services without an already procured material solution, such as the 
United States Marine Corps, may gain from additional research in this area. Also, 
6 L 0 WPAN must interface a geo-positioning device such as the Army’s DAGR. 

Therefore, additional research on the accuracy of 6 L 0 WPAN geo-locating capabilities 
and associated overhead may render an external geo-positioning device unnecessary. 

The amount of data aggregation power exchanged between interfaced devices also 
needs to be measured. For instance, a selectively capable smart phone device possesses 
processing power, screen displays, touch screen capabilities, and on-board storage 
capacity. Such a device similar to Nett Warrior’s display device, may offer potential for 
similar functionality to Nett Warrior while benefitting from smaller size and weight. The 
duration capability of such a device to be commensurate with 6 L 0 WPAN devices 
provides opportunity for future research. The resultant research could more appropriately 
compare 6 L 0 WPAN with Nett Warrior at varying levels of employment. As observed in 
Figure 17, increasingly higher levels of command require significantly higher energy 
sources. Additionally, topology and routing impact energy source requirements. For 
instance, a squad configured into one single mesh may require a more distributed energy 
load balance below the squad leader, who in turn, would require a significantly higher 
energy source. Near-term research could determine power requirements at each level of 
the command given different network configurations set to match varying tactical 
configurations. Research is also necessary to determine whether or not on-board cache 
memory makes message disaggregation and re-aggregation at the physical layer sufficient 
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for required uses. This eould allow larger messages with reasonable assuranee of receipt 
by intended destination. 

A third area of future research exists in material enhancements. Enhanced 
material densities of batteries offer longer durations at lighter weights. Increasingly 
smaller microprocessors and flash-memory devices offer smaller and lighter device 
dimensions thereby increasing the relative advantage over available capabilities. 
Additionally, antenna gain properties in this thesis assumed a worst-case dipole antenna. 
The dipole equation used typically applies to infinitesimally small antennas but other 
equations defining antenna gain differently or for different antenna patterns directly 
affect power and energy. 

A fourth area of potential research lies in confirming all remaining assumptions 
made in this model. Confirming 5 nJ/bit for data aggregation requires empirical data that 
could potentially uncover further dependent variables. This research could also affect the 
research pertaining to 6 L 0 WPAN interfaces. This thesis chose 1.2V rechargeable NiMH 
batteries for analysis. Other applications could require disposable batteries depending on 
transportability requirements. Such batteries typically discharge at a nominal 1.5 volts. 
Additionally, batteries draining at non-linear rates could affect analysis in ways 
warranting research. 

A fifth area of research could encapsulate sufficiency from a user perspective 
given resultant throughput. Voice quality at rates less than 100 kbps requiring codec 
capabilities should be measured against subjectively defined acceptability. Similarly, 
future research could determine sufficiency of data messaging at maximum remaining 
payload in other applications. 

A final area of potential research opportunities exists in applying the same model 
to different applications. Research could determine the suitability of this approach to 
model similar measures of performance and methods of measure applied to similar 
communication-based systems. 
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